draft: PKCS#7 extension policies

nitneuqr · nitneuqr · commit 8a741bd7c71b · 2025-02-15T13:30:29.000+01:00
added tests accordingly
diff --git a/src/cryptography/hazmat/primitives/serialization/pkcs7.py b/src/cryptography/hazmat/primitives/serialization/pkcs7.py
@@ -21,6 +21,12 @@
     algorithms,
 )
 from cryptography.utils import _check_byteslike
+from cryptography.x509 import Certificate
+from cryptography.x509.verification import (
+    Criticality,
+    ExtensionPolicy,
+    Policy,
+)
 
 load_pem_pkcs7_certificates = rust_pkcs7.load_pem_pkcs7_certificates
 
@@ -53,6 +59,45 @@ class PKCS7Options(utils.Enum):
     NoCerts = "Don't embed signer certificate"
 
 
+def pkcs7_x509_extension_policies() -> tuple[ExtensionPolicy, ExtensionPolicy]:
+    """
+    Gets the default X.509 extension policy for S/MIME. Some specifications
+    that differ from the standard ones:
+    - Certificates used as end entities (i.e., the cert used to sign
+      a PKCS#7/SMIME message) should not have ca=true in their basic
+      constraints extension.
+    - EKU_CLIENT_AUTH_OID is not required
+    - EKU_EMAIL_PROTECTION_OID is required
+    """
+
+    # CA policy
+    def _validate_ca(
+        policy: Policy, cert: Certificate, bc: x509.BasicConstraints
+    ):
+        assert not bc.ca
+
+    ca_policy = ExtensionPolicy.permit_all().require_present(
+        x509.BasicConstraints,
+        Criticality.AGNOSTIC,
+        _validate_ca,
+    )
+
+    # EE policy
+    def _validate_eku(
+        policy: Policy, cert: Certificate, eku: x509.ExtendedKeyUsage
+    ):
+        # Checking for EKU_EMAIL_PROTECTION_OID
+        assert x509.ExtendedKeyUsageOID.EMAIL_PROTECTION in eku  # type: ignore[attr-defined]
+
+    ee_policy = ExtensionPolicy.permit_all().require_present(
+        x509.ExtendedKeyUsage,
+        Criticality.AGNOSTIC,
+        _validate_eku,
+    )
+
+    return ca_policy, ee_policy
+
+
 class PKCS7SignatureBuilder:
     def __init__(
         self,
diff --git a/tests/hazmat/primitives/test_pkcs7.py b/tests/hazmat/primitives/test_pkcs7.py
@@ -18,6 +18,7 @@
 from cryptography.hazmat.primitives.asymmetric import ed25519, padding, rsa
 from cryptography.hazmat.primitives.ciphers import algorithms
 from cryptography.hazmat.primitives.serialization import pkcs7
+from cryptography.x509.verification import PolicyBuilder, Store
 from tests.x509.test_x509 import _generate_ca_and_leaf
 
 from ...hazmat.primitives.fixtures_rsa import (
@@ -139,6 +140,19 @@ def _load_cert_key():
     return cert, key
 
 
+def test_verify_pkcs7_certificate():
+    certificate, _ = _load_cert_key()
+
+    builder = (
+        PolicyBuilder()
+        .store(Store([certificate]))
+        .extension_policies(*pkcs7.pkcs7_x509_extension_policies())
+    )
+
+    verifier = builder.build_client_verifier()
+    verifier.verify(certificate, [])
+
+
 @pytest.mark.supported(
     only_if=lambda backend: backend.pkcs7_supported(),
     skip_message="Requires OpenSSL with PKCS7 support",
