Update ctclient to support SCT extensions #1645

Open: wants to merge 2 commits into base: master from sct-extensions-in-leaf
Conversation

liweitianux commented Jan 16, 2025

According to RFC 6962 (Section 3.4), the extensions field defined for SCT is also included in MerkleTreeLeaf.TimestampedEntry. So, the functions that build the MerkleTreeLeaf struct are required to accept the extensions parameter to fill this field.

Although RFC 6962 itself specified no extensions, the Static CT API v1.0.0 defined the leaf_index(0) SCT extension. With a CT deployment based on Sunlight and Sunglasses, the ctclient get-inclusion-proof was failing because of the wrong leaf hash. With this patch, both ctclient upload and ctclient get-inclusion-proof work as expected.

Example 1:

% ./ctclient upload --log_uri http://xx.xx.xx.xx/ --cert_chain certchain.pem 
Uploaded chain of 2 certs to V1 log at http://xx.xx.xx.xx, timestamp: 1736993985743 (2025-01-16 10:19:45.743 +0800 CST)
LogID: e1cd6efe39e5c0c3e74662da1b7ee34341ad35b1b88cd1d423009183bd2af233
LeafHash: 95dfd9d2ce74b02ffa0bd223f46699b5cc16f1daefc38a9e7296faf02a215ba0
Extensions: 0000050000000003
Signature: Signature: Hash=SHA256 Sign=ECDSA Value=3045022100ae6c61d79279be24cd74b8ea2865af8e450c4233ba3ace5ec03c2024cbda722e022056be7cae85ef3704ff258d45b289adbd15de3904c74429f7e7a28fdc6c684403

% ./ctclient get-inclusion-proof --log_uri http://xx.xx.xx.xx/ --cert_chain certchain.pem --timestamp 1736993985743 --extensions 0000050000000003
W0116 10:48:43.940273  769215 get_inclusion_proof.go:115] WARNING: Timestamp (2025-01-16 10:19:45.743 +0800 CST) is with MMD window (24h0m0s), log may not have incorporated this entry yet.
Inclusion proof for index 3 in tree of size 4:
  0318588c51b46f47cfc616866430c80b6d0f5e48a9443f9487742bce4657ffec
  9f18abe16348ff92e5a0a4dde5b7a4e26a2cad5eb25aa88fef0cc74b2fa1869c
Verified that hash 95dfd9d2ce74b02ffa0bd223f46699b5cc16f1daefc38a9e7296faf02a215ba0 + proof = root hash 374d16c2911995e6ccb82de5faf338fbdfc6ae46110bc92f7dbbdd347b028cd9

% ./ctclient get-inclusion-proof --log_uri http://xx.xx.xx.xx/ --leaf_hash 95dfd9d2ce74b02ffa0bd223f46699b5cc16f1daefc38a9e7296faf02a215ba0 --timestamp 1736993985743
Inclusion proof for index 3 in tree of size 4:
  0318588c51b46f47cfc616866430c80b6d0f5e48a9443f9487742bce4657ffec
  9f18abe16348ff92e5a0a4dde5b7a4e26a2cad5eb25aa88fef0cc74b2fa1869c
Verified that hash 95dfd9d2ce74b02ffa0bd223f46699b5cc16f1daefc38a9e7296faf02a215ba0 + proof = root hash 374d16c2911995e6ccb82de5faf338fbdfc6ae46110bc92f7dbbdd347b028cd9

Example 2:

% ./ctclient get-entries --log_uri=http://xx.xx.xx.xx/ --text=false --first=0 --last=0 | tee /tmp/cert.pem 
Index=0 Timestamp=1736905054743 (2025-01-15 09:37:34.743 +0800 CST) Extensions=0000050000000000 X.509 certificate:
-----BEGIN CERTIFICATE-----
<snipped>
-----END CERTIFICATE-----

% ./ctclient get-inclusion-proof --log_uri=http://xx.xx.xx.xx/ --cert_chain=/tmp/cert.pem
Inclusion proof for index 0 in tree of size 5:
  e8b8c9f9f817b1883b10d142c6e36301c38425579008de9c2014d97473913ff2
  c5c949e33b5bd60a5d2b04cf55be9cfdcd0ddc770e2f7a48e388092896357106
  f0ea43a03eb06795727a7ebf4a2d3c560076001df2632671681ec3b141d63e1f
Verified that hash 2bd991db6c1a1d3c4a5f210efadb857d5ec0927a9ebb9887b7eecd65eca72758 + proof = root hash df2555e82accd739d1568aed994d9e0bc36b4912a0a8cb4637943f5593fb8b09

@liweitianux liweitianux requested a review from a team as a code owner January 16, 2025 02:56
@liweitianux liweitianux requested review from roger2hk and removed request for a team January 16, 2025 02:56
google-cla bot commented Jan 16, 2025

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

@liweitianux liweitianux force-pushed the sct-extensions-in-leaf branch from 1782a3b to e877abf Compare January 16, 2025 03:13
roger2hk (Contributor) commented
/gcbrun

@roger2hk roger2hk requested a review from phbnf January 20, 2025 15:44
Resolved review threads: client/ctclient/cmd/get_inclusion_proof.go; serialization.go (outdated); serialization.go (outdated)
phbnf (Contributor) commented Jan 23, 2025

Thanks a lot for sending this!

liweitianux (Author) commented

@phbnf Thank you for the review. I'll update the patch later, but maybe a bit slow because I'll be busy during the coming Spring Festival holidays.

Cheers.

@liweitianux liweitianux force-pushed the sct-extensions-in-leaf branch from e877abf to 2eac070 Compare January 24, 2025 12:32
According to RFC 6962 (Section 3.4), the 'extensions' field defined for
SCT is also included in 'MerkleTreeLeaf.TimestampedEntry'.  Since the
current MerkleTreeLeaf functions (e.g., CreateX509MerkleTreeLeaf())
don't support specifying this field, we need to manually fill it in
order to calculate the correct leaf hash.  As suggested, we chose not to
change the signatures of those functions to avoid breaking external
dependencies.

* Update LogClient.VerifySCTSignature() to fill the 'extensions' field
  from 'sct.Extensions'.
* Update ctclient's get-entries command to print the extensions if
  non-empty, which can be parsed by the 'get-inclusion-proof' command
  similar to the 'timestamp' field for convenience.
* Update ctclient's upload command to calculate the leaf hash with the
  'sct.Extensions'; also print the SCT extensions as hex string in the
  end, which may be used by the 'get-inclusion-proof' command.
* Update ctclient's get-inclusion-proof command to add the
  '--extensions' flag to specify the SCT extensions returned by 'upload'
  command.

Signed-off-by: Aaron LI <aaronly.me@gmail.com>
Signed-off-by: Aaron LI <aaronly.me@gmail.com>
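As an added example (not code from this PR or from certificate-transparency-go), the serialization that both the PR description and the commit message above depend on: a MerkleTreeLeaf for an x509_entry with the SCT extensions carried in TimestampedEntry, its RFC 6962 leaf hash, and a decoder for the Static CT API leaf_index extension, so that the 0000050000000003 value printed by upload reads as index 3. The certificate bytes are a constructed placeholder and the function names are assumptions.

```go
package main

import (
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
	"fmt"
)

// serializeX509Leaf builds the RFC 6962 MerkleTreeLeaf for an x509_entry:
// version(1) || leaf_type(1) || timestamp(8) || entry_type(2) ||
// ASN.1Cert with 3-byte length || extensions with 2-byte length.
func serializeX509Leaf(timestampMs uint64, cert, extensions []byte) []byte {
	buf := []byte{0, 0} // version v1 = 0, leaf_type timestamped_entry = 0
	buf = binary.BigEndian.AppendUint64(buf, timestampMs)
	buf = append(buf, 0, 0) // entry_type x509_entry = 0
	buf = append(buf, byte(len(cert)>>16), byte(len(cert)>>8), byte(len(cert)))
	buf = append(buf, cert...)
	buf = binary.BigEndian.AppendUint16(buf, uint16(len(extensions)))
	return append(buf, extensions...) // leaving this out gives the wrong leaf hash
}
// leafHash is the RFC 6962 Merkle leaf hash: SHA-256(0x00 || MerkleTreeLeaf).
func leafHash(leaf []byte) string {
	h := sha256.Sum256(append([]byte{0}, leaf...))
	return hex.EncodeToString(h[:])
}

// parseLeafIndex walks the SCT extensions (type(1) || length(2) || data) and
// decodes the Static CT API leaf_index extension: type 0, 5-byte big-endian value.
func parseLeafIndex(extensions []byte) (uint64, error) {
	for len(extensions) >= 3 {
		typ, n := extensions[0], int(binary.BigEndian.Uint16(extensions[1:3]))
		if len(extensions) < 3+n {
			return 0, fmt.Errorf("truncated extension of type %d", typ)
		}
		if typ == 0 && n == 5 {
			v := extensions[3:8]
			return uint64(v[0])<<32 | uint64(binary.BigEndian.Uint32(v[1:])), nil
		}
		extensions = extensions[3+n:] // skip extensions we do not understand
	}
	return 0, fmt.Errorf("no leaf_index extension found")
}
func main() {
	cert := []byte("constructed placeholder, not a real DER certificate")
	ext, _ := hex.DecodeString("0000050000000003") // printed by 'ctclient upload' above
	idx, _ := parseLeafIndex(ext)
	fmt.Println(idx, leafHash(serializeX509Leaf(1736993985743, cert, ext)),
		leafHash(serializeX509Leaf(1736993985743, cert, nil)))
}
```

With the real certificate bytes the first hash would be the LeafHash that upload and get-inclusion-proof agree on; the second is what a client gets when it drops the extensions.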
@liweitianux liweitianux force-pushed the sct-extensions-in-leaf branch from b4168d4 to 26cc158 Compare January 24, 2025 12:37
liweitianux (Author) commented

Hi @phbnf, I've updated and rebased the patch. Please have another look. Thank you.

@liweitianux liweitianux changed the title Include SCT extensions field in MerkleTreeLeaf Update ctclient to support SCT extensions Jan 25, 2025
phbnf (Contributor) commented Jan 28, 2025

/gcbrun
