Raise exception on wrong root hash

glasserc · glasserc · commit 67aafc2ed64b · 2019-10-28T14:24:16.000-04:00
diff --git a/autograph_utils/__init__.py b/autograph_utils/__init__.py
@@ -128,6 +128,19 @@ def detail(self):
         return f"Certificate expired on {self.not_after}"
 
 
+class CertificateHasWrongRoot(BadCertificate):
+    def __init__(self, *, expected, actual):
+        self.expected = binascii.hexlify(expected).decode()
+        self.actual = binascii.hexlify(actual).decode()
+
+    @property
+    def detail(self):
+        return (
+            "Certificate is not based on expected root hash. "
+            f"Got '{self.actual}' expected '{self.expected}'"
+        )
+
+
 class CertificateHasWrongSubject(BadCertificate):
     def __init__(self, actual, check_description):
         self.check_description = check_description
@@ -255,6 +268,12 @@ async def verify_x5u(self, url):
             if now > cert.not_valid_after:
                 raise CertificateExpired(cert.not_valid_after)
 
+        # Verify chain of trust.
+        chain = certs[::-1]
+        root_hash = chain[0].fingerprint(SHA256())
+        if root_hash != self.root_hash:
+            raise CertificateHasWrongRoot(expected=self.root_hash, actual=root_hash)
+
         leaf_subject_name = (
             certs[0].subject.get_attributes_for_oid(NameOID.COMMON_NAME)[0].value
         )
@@ -263,9 +282,6 @@ async def verify_x5u(self, url):
                 leaf_subject_name, check_description=self.subject_name_check.describe()
             )
 
-        root_hash = certs[-1].fingerprint(SHA256())
-        assert root_hash == self.root_hash
-
         res = certs[0]
         self.cache.set(url, res)
         return res
diff --git a/tests/test_autograph_utils.py b/tests/test_autograph_utils.py
@@ -216,6 +216,26 @@ async def test_verify_x5u_name_exact_doesnt_match(
     )
 
 
+async def test_verify_wrong_root_hash(aiohttp_session, mock_with_x5u, cache, now_fixed):
+    wrong_root_hash = DEV_ROOT_HASH[:-1] + b"\x03"
+    s = SignatureVerifier(
+        aiohttp_session,
+        cache,
+        wrong_root_hash,
+        subject_name_check=ExactMatch("remote-settings.content-signature.mozilla.org"),
+    )
+    with pytest.raises(autograph_utils.CertificateHasWrongRoot) as excinfo:
+        await s.verify_x5u(FAKE_CERT_URL)
+
+    actual = "4c35b1c3e312d955e778edd0a7e78a388304ef01bffa0329b2469f3cc5ec3604"
+    expected = actual[:-1] + "3"
+
+    assert excinfo.value.detail == (
+        "Certificate is not based on expected root hash. "
+        f"Got '{actual}' expected '{expected}'"
+    )
+
+
 def test_command_line_interface():
     """Test the CLI."""
     runner = CliRunner()
