notaryproject · JeyJeyGao · Oct 26, 2023 · Oct 20, 2023 · Oct 20, 2023 · Oct 20, 2023
@@ -20,20 +20,10 @@ import (
 	"crypto/x509"
 	"errors"
 	"fmt"
+	"strings"
 	"time"
 )
 
-var kuLeafCertBlocked = x509.KeyUsageContentCommitment |
-	x509.KeyUsageKeyEncipherment |
-	x509.KeyUsageDataEncipherment |
-	x509.KeyUsageKeyAgreement |
-	x509.KeyUsageCertSign |
-	x509.KeyUsageCRLSign |
-	x509.KeyUsageEncipherOnly |
-	x509.KeyUsageDecipherOnly
-var kuLeafCertBlockedString = "ContentCommitment, KeyEncipherment, DataEncipherment, KeyAgreement, " +
-	"CertSign, CRLSign, EncipherOnly, DecipherOnly"
-
 // ValidateCodeSigningCertChain takes an ordered code-signing certificate chain
 // and validates issuance from leaf to root
 // Validates certificates according to this spec:
@@ -186,8 +176,34 @@ func validateLeafKeyUsage(cert *x509.Certificate) error {
 	if cert.KeyUsage&x509.KeyUsageDigitalSignature == 0 {
 		return fmt.Errorf("certificate with subject %q: key usage must have the bit positions for digital signature set", cert.Subject)
 	}
-	if cert.KeyUsage&kuLeafCertBlocked != 0 {
-		return fmt.Errorf("certificate with subject %q: key usage must not have the bit positions for %s set", cert.Subject, kuLeafCertBlockedString)
+
+	var invalidKeyUsages []string
+	if cert.KeyUsage&x509.KeyUsageContentCommitment != 0 {
+		invalidKeyUsages = append(invalidKeyUsages, "ContentCommitment")
+	}
+	if cert.KeyUsage&x509.KeyUsageKeyEncipherment != 0 {
+		invalidKeyUsages = append(invalidKeyUsages, "KeyEncipherment")
+	}
+	if cert.KeyUsage&x509.KeyUsageDataEncipherment != 0 {
+		invalidKeyUsages = append(invalidKeyUsages, "DataEncipherment")
+	}
+	if cert.KeyUsage&x509.KeyUsageKeyAgreement != 0 {
+		invalidKeyUsages = append(invalidKeyUsages, "KeyAgreement")
+	}
+	if cert.KeyUsage&x509.KeyUsageCertSign != 0 {
+		invalidKeyUsages = append(invalidKeyUsages, "CertSign")
+	}
+	if cert.KeyUsage&x509.KeyUsageCRLSign != 0 {
+		invalidKeyUsages = append(invalidKeyUsages, "CRLSign")
+	}
+	if cert.KeyUsage&x509.KeyUsageEncipherOnly != 0 {
+		invalidKeyUsages = append(invalidKeyUsages, "EncipherOnly")
+	}
+	if cert.KeyUsage&x509.KeyUsageDecipherOnly != 0 {
+		invalidKeyUsages = append(invalidKeyUsages, "DecipherOnly")
+	}
+	if len(invalidKeyUsages) > 0 {
+		return fmt.Errorf("certificate with subject %q is invalid: key usage must be 'Digital Signature' only, found %s", cert.Subject, strings.Join(invalidKeyUsages, ", "))
 	}
 	return nil
 }

@@ -15,7 +15,9 @@ package x509
 
 import (
 	"crypto/x509"
+	"crypto/x509/pkix"
 	_ "embed"
+	"encoding/asn1"
 	"testing"
 	"time"
 
@@ -534,7 +536,7 @@ var kuWrongValuesLeaf = parseCertificateFromString(kuWrongValuesLeafPem)
 
 func TestFailKuWrongValuesLeaf(t *testing.T) {
 	err := validateLeafCertificate(kuWrongValuesLeaf, x509.ExtKeyUsageCodeSigning)
-	assertErrorEqual("certificate with subject \"CN=Hello\": key usage must not have the bit positions for ContentCommitment, KeyEncipherment, DataEncipherment, KeyAgreement, CertSign, CRLSign, EncipherOnly, DecipherOnly set", err, t)
+	assertErrorEqual("certificate with subject \"CN=Hello\" is invalid: key usage must be 'Digital Signature' only, found CertSign, CRLSign", err, t)
 }
 
 var rsaKeyTooSmallLeafPem = "-----BEGIN CERTIFICATE-----\n" +
@@ -699,3 +701,75 @@ func assertErrorEqual(expected string, err error, t *testing.T) {
 		t.Fatalf("Expected error \"%v\" but was \"%v\"", expected, err)
 	}
 }
+
+func TestValidateLeafKeyUsage(t *testing.T) {
+	extensions := []pkix.Extension{{
+		Id:       asn1.ObjectIdentifier{2, 5, 29, 15}, // OID for KeyUsage
+		Critical: true,
+	}}
+
+	tests := []struct {
+		name           string
+		cert           *x509.Certificate
+		expectedErrMsg string
+	}{
+		{
+			name: "Valid DigitalSignature usage",
+			cert: &x509.Certificate{
+				Subject:    pkix.Name{CommonName: "Test CN"},
+				KeyUsage:   x509.KeyUsageDigitalSignature,
+				Extensions: extensions,
+			},
+			expectedErrMsg: "",
+		},
+		{
+			name: "Valid ContentCommitment usage",
+			cert: &x509.Certificate{
+				Subject:    pkix.Name{CommonName: "Test CN"},
+				KeyUsage:   x509.KeyUsageDigitalSignature | x509.KeyUsageContentCommitment,
+				Extensions: extensions,
+			},
+			expectedErrMsg: "certificate with subject \"CN=Test CN\" is invalid: key usage must be 'Digital Signature' only, found ContentCommitment",
+		},
+		{
+			name: "Missing DigitalSignature usage",
+			cert: &x509.Certificate{
+				Subject:    pkix.Name{CommonName: "Test CN"},
+				KeyUsage:   x509.KeyUsageCertSign,
+				Extensions: extensions,
+			},
+			expectedErrMsg: "certificate with subject \"CN=Test CN\": key usage must have the bit positions for digital signature set",
+		},
+		{
+			name: "Invalid KeyEncipherment usage",
+			cert: &x509.Certificate{
+				Subject:    pkix.Name{CommonName: "Test CN"},
+				KeyUsage:   x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment,
+				Extensions: extensions,
+			},
+			expectedErrMsg: "certificate with subject \"CN=Test CN\" is invalid: key usage must be 'Digital Signature' only, found KeyEncipherment",
+		},
+		{
+			name: "Multiple Invalid usages",
+			cert: &x509.Certificate{
+				Subject:    pkix.Name{CommonName: "Test CN"},
+				KeyUsage:   x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment | x509.KeyUsageDataEncipherment | x509.KeyUsageKeyAgreement | x509.KeyUsageCertSign | x509.KeyUsageCRLSign | x509.KeyUsageEncipherOnly | x509.KeyUsageDecipherOnly | x509.KeyUsageEncipherOnly | x509.KeyUsageDecipherOnly,
+				Extensions: extensions,
+			},
+			expectedErrMsg: "certificate with subject \"CN=Test CN\" is invalid: key usage must be 'Digital Signature' only, found KeyEncipherment, DataEncipherment, KeyAgreement, CertSign, CRLSign, EncipherOnly, DecipherOnly",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			err := validateLeafKeyUsage(tt.cert)
+			if err != nil && tt.expectedErrMsg == "" {
+				t.Fatalf("expected no error, but got: %s", err)
+			} else if err == nil && tt.expectedErrMsg != "" {
+				t.Fatalf("expected error %q, but got none", tt.expectedErrMsg)
+			} else if err != nil && err.Error() != tt.expectedErrMsg {
+				t.Fatalf("expected error %q, but got: %s", tt.expectedErrMsg, err)
+			}
+		})
+	}
+}