2014-01-21 10:10:33 +04:00
|
|
|
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
|
|
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
|
|
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
|
|
|
|
#include "NSSCertDBTrustDomain.h"
|
|
|
|
|
|
|
|
#include <stdint.h>
|
|
|
|
|
2014-02-24 10:15:53 +04:00
|
|
|
#include "ExtendedValidation.h"
|
2014-05-02 02:07:55 +04:00
|
|
|
#include "OCSPRequestor.h"
|
2015-07-17 19:07:48 +03:00
|
|
|
#include "OCSPVerificationTrustDomain.h"
|
2013-07-09 03:30:59 +04:00
|
|
|
#include "certdb.h"
|
2015-04-24 03:26:29 +03:00
|
|
|
#include "cert.h"
|
2015-04-14 15:30:09 +03:00
|
|
|
#include "mozilla/UniquePtr.h"
|
2015-01-07 08:08:00 +03:00
|
|
|
#include "nsNSSCertificate.h"
|
2014-01-21 10:10:33 +04:00
|
|
|
#include "nss.h"
|
2015-01-07 08:08:00 +03:00
|
|
|
#include "NSSErrorsService.h"
|
|
|
|
#include "nsServiceManagerUtils.h"
|
2013-07-09 03:30:59 +04:00
|
|
|
#include "pk11pub.h"
|
2014-05-02 02:07:55 +04:00
|
|
|
#include "pkix/pkix.h"
|
2014-07-18 22:48:49 +04:00
|
|
|
#include "pkix/pkixnss.h"
|
2014-01-21 10:10:33 +04:00
|
|
|
#include "prerror.h"
|
2013-07-09 03:30:59 +04:00
|
|
|
#include "prmem.h"
|
2014-01-21 10:10:33 +04:00
|
|
|
#include "prprf.h"
|
2015-05-07 21:06:07 +03:00
|
|
|
#include "PublicKeyPinningService.h"
|
2014-07-04 08:49:56 +04:00
|
|
|
#include "ScopedNSSTypes.h"
|
2014-01-21 10:10:33 +04:00
|
|
|
#include "secerr.h"
|
|
|
|
|
2015-04-08 03:29:05 +03:00
|
|
|
#include "CNNICHashWhitelist.inc"
|
|
|
|
|
2014-07-04 08:49:56 +04:00
|
|
|
using namespace mozilla;
|
2014-03-21 01:29:21 +04:00
|
|
|
using namespace mozilla::pkix;
|
2014-01-21 10:10:33 +04:00
|
|
|
|
2016-01-28 21:36:00 +03:00
|
|
|
extern LazyLogModule gCertVerifierLog;
|
2014-02-10 23:41:12 +04:00
|
|
|
|
2014-08-02 19:49:12 +04:00
|
|
|
static const uint64_t ServerFailureDelaySeconds = 5 * 60;
|
|
|
|
|
2014-01-21 10:10:33 +04:00
|
|
|
namespace mozilla { namespace psm {
|
|
|
|
|
|
|
|
const char BUILTIN_ROOTS_MODULE_DEFAULT_NAME[] = "Builtin Roots Module";
|
|
|
|
|
2014-02-10 23:41:12 +04:00
|
|
|
NSSCertDBTrustDomain::NSSCertDBTrustDomain(SECTrustType certDBTrustType,
|
2014-02-24 10:15:53 +04:00
|
|
|
OCSPFetching ocspFetching,
|
2014-03-13 00:08:48 +04:00
|
|
|
OCSPCache& ocspCache,
|
2014-07-07 02:55:38 +04:00
|
|
|
/*optional but shouldn't be*/ void* pinArg,
|
2015-01-23 08:17:00 +03:00
|
|
|
CertVerifier::OcspGetConfig ocspGETConfig,
|
2015-04-07 02:10:28 +03:00
|
|
|
uint32_t certShortLifetimeInDays,
|
2014-09-25 22:18:56 +04:00
|
|
|
CertVerifier::PinningMode pinningMode,
|
2015-03-05 18:41:00 +03:00
|
|
|
unsigned int minRSABits,
|
2015-06-29 23:19:00 +03:00
|
|
|
ValidityCheckingMode validityCheckingMode,
|
2015-09-11 21:52:30 +03:00
|
|
|
CertVerifier::SHA1Mode sha1Mode,
|
2016-01-13 23:50:42 +03:00
|
|
|
ScopedCERTCertList& builtChain,
|
2015-08-21 17:14:08 +03:00
|
|
|
/*optional*/ PinningTelemetryInfo* pinningTelemetryInfo,
|
2016-01-13 23:50:42 +03:00
|
|
|
/*optional*/ const char* hostname)
|
2014-02-10 23:41:12 +04:00
|
|
|
: mCertDBTrustType(certDBTrustType)
|
2014-02-24 10:15:53 +04:00
|
|
|
, mOCSPFetching(ocspFetching)
|
2014-03-13 00:08:48 +04:00
|
|
|
, mOCSPCache(ocspCache)
|
2014-02-10 23:41:12 +04:00
|
|
|
, mPinArg(pinArg)
|
2014-05-22 02:42:21 +04:00
|
|
|
, mOCSPGetConfig(ocspGETConfig)
|
2015-04-07 02:10:28 +03:00
|
|
|
, mCertShortLifetimeInDays(certShortLifetimeInDays)
|
2014-09-25 22:18:56 +04:00
|
|
|
, mPinningMode(pinningMode)
|
2015-03-05 18:41:00 +03:00
|
|
|
, mMinRSABits(minRSABits)
|
2015-06-29 23:19:00 +03:00
|
|
|
, mValidityCheckingMode(validityCheckingMode)
|
2015-09-11 21:52:30 +03:00
|
|
|
, mSHA1Mode(sha1Mode)
|
2016-01-13 23:50:42 +03:00
|
|
|
, mBuiltChain(builtChain)
|
2015-08-21 17:14:08 +03:00
|
|
|
, mPinningTelemetryInfo(pinningTelemetryInfo)
|
2014-09-25 22:18:56 +04:00
|
|
|
, mHostname(hostname)
|
2015-01-07 08:08:00 +03:00
|
|
|
, mCertBlocklist(do_GetService(NS_CERTBLOCKLIST_CONTRACTID))
|
2014-12-12 10:22:35 +03:00
|
|
|
, mOCSPStaplingStatus(CertVerifier::OCSP_STAPLING_NEVER_CHECKED)
|
2014-02-10 23:41:12 +04:00
|
|
|
{
|
|
|
|
}
|
|
|
|
|
2014-12-05 21:12:58 +03:00
|
|
|
// If useRoots is true, we only use root certificates in the candidate list.
|
|
|
|
// If useRoots is false, we only use non-root certificates in the list.
|
2014-12-05 00:37:01 +03:00
|
|
|
static Result
|
2014-12-05 21:12:58 +03:00
|
|
|
FindIssuerInner(ScopedCERTCertList& candidates, bool useRoots,
|
2014-12-05 00:37:01 +03:00
|
|
|
Input encodedIssuerName, TrustDomain::IssuerChecker& checker,
|
|
|
|
/*out*/ bool& keepGoing)
|
|
|
|
{
|
|
|
|
keepGoing = true;
|
|
|
|
for (CERTCertListNode* n = CERT_LIST_HEAD(candidates);
|
|
|
|
!CERT_LIST_END(n, candidates); n = CERT_LIST_NEXT(n)) {
|
2014-12-05 21:12:58 +03:00
|
|
|
bool candidateIsRoot = !!n->cert->isRoot;
|
|
|
|
if (candidateIsRoot != useRoots) {
|
2014-12-05 00:37:01 +03:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
Input certDER;
|
|
|
|
Result rv = certDER.Init(n->cert->derCert.data, n->cert->derCert.len);
|
|
|
|
if (rv != Success) {
|
|
|
|
continue; // probably too big
|
|
|
|
}
|
|
|
|
|
2015-04-24 03:26:29 +03:00
|
|
|
const SECItem encodedIssuerNameItem = {
|
|
|
|
siBuffer,
|
|
|
|
const_cast<unsigned char*>(encodedIssuerName.UnsafeGetData()),
|
|
|
|
encodedIssuerName.GetLength()
|
|
|
|
};
|
|
|
|
ScopedSECItem nameConstraints(::SECITEM_AllocItem(nullptr, nullptr, 0));
|
|
|
|
SECStatus srv = CERT_GetImposedNameConstraints(&encodedIssuerNameItem,
|
|
|
|
nameConstraints.get());
|
|
|
|
if (srv != SECSuccess) {
|
|
|
|
if (PR_GetError() != SEC_ERROR_EXTENSION_NOT_FOUND) {
|
2014-12-05 00:37:01 +03:00
|
|
|
return Result::FATAL_ERROR_LIBRARY_FAILURE;
|
|
|
|
}
|
2015-04-24 03:26:29 +03:00
|
|
|
|
|
|
|
// If no imposed name constraints were found, continue without them
|
2014-12-05 00:37:01 +03:00
|
|
|
rv = checker.Check(certDER, nullptr, keepGoing);
|
2015-04-24 03:26:29 +03:00
|
|
|
} else {
|
|
|
|
// Otherwise apply the constraints
|
|
|
|
Input nameConstraintsInput;
|
|
|
|
if (nameConstraintsInput.Init(
|
|
|
|
nameConstraints->data,
|
|
|
|
nameConstraints->len) != Success) {
|
|
|
|
return Result::FATAL_ERROR_LIBRARY_FAILURE;
|
|
|
|
}
|
|
|
|
rv = checker.Check(certDER, &nameConstraintsInput, keepGoing);
|
2014-12-05 00:37:01 +03:00
|
|
|
}
|
|
|
|
if (rv != Success) {
|
|
|
|
return rv;
|
|
|
|
}
|
|
|
|
if (!keepGoing) {
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return Success;
|
|
|
|
}
|
|
|
|
|
2014-07-18 22:48:49 +04:00
|
|
|
Result
|
2014-07-31 23:17:31 +04:00
|
|
|
NSSCertDBTrustDomain::FindIssuer(Input encodedIssuerName,
|
2014-08-02 19:49:12 +04:00
|
|
|
IssuerChecker& checker, Time)
|
2014-02-10 23:41:12 +04:00
|
|
|
{
|
|
|
|
// TODO: NSS seems to be ambiguous between "no potential issuers found" and
|
|
|
|
// "there was an error trying to retrieve the potential issuers."
|
2015-04-24 03:26:29 +03:00
|
|
|
SECItem encodedIssuerNameItem = UnsafeMapInputToSECItem(encodedIssuerName);
|
2014-07-07 02:55:38 +04:00
|
|
|
ScopedCERTCertList
|
2014-07-03 03:15:16 +04:00
|
|
|
candidates(CERT_CreateSubjectCertList(nullptr, CERT_GetDefaultCertDB(),
|
2015-04-24 03:26:29 +03:00
|
|
|
&encodedIssuerNameItem, 0,
|
2014-08-02 10:16:21 +04:00
|
|
|
false));
|
2014-07-03 03:15:16 +04:00
|
|
|
if (candidates) {
|
2014-12-05 00:37:01 +03:00
|
|
|
// First, try all the root certs; then try all the non-root certs.
|
|
|
|
bool keepGoing;
|
|
|
|
Result rv = FindIssuerInner(candidates, true, encodedIssuerName, checker,
|
|
|
|
keepGoing);
|
|
|
|
if (rv != Success) {
|
|
|
|
return rv;
|
|
|
|
}
|
|
|
|
if (keepGoing) {
|
|
|
|
rv = FindIssuerInner(candidates, false, encodedIssuerName, checker,
|
|
|
|
keepGoing);
|
2014-07-18 22:48:49 +04:00
|
|
|
if (rv != Success) {
|
|
|
|
return rv;
|
2014-07-03 03:15:16 +04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-07-18 22:48:49 +04:00
|
|
|
return Success;
|
2014-02-10 23:41:12 +04:00
|
|
|
}
|
|
|
|
|
2014-07-18 22:48:49 +04:00
|
|
|
Result
|
2014-02-10 23:41:12 +04:00
|
|
|
NSSCertDBTrustDomain::GetCertTrust(EndEntityOrCA endEntityOrCA,
|
2014-05-16 05:59:52 +04:00
|
|
|
const CertPolicyId& policy,
|
2014-07-31 23:17:31 +04:00
|
|
|
Input candidateCertDER,
|
2014-07-20 22:06:26 +04:00
|
|
|
/*out*/ TrustLevel& trustLevel)
|
2014-02-10 23:41:12 +04:00
|
|
|
{
|
2014-02-24 10:15:53 +04:00
|
|
|
#ifdef MOZ_NO_EV_CERTS
|
2014-05-16 05:59:52 +04:00
|
|
|
if (!policy.IsAnyPolicy()) {
|
2014-07-18 22:48:49 +04:00
|
|
|
return Result::ERROR_POLICY_VALIDATION_FAILED;
|
2014-02-10 23:41:12 +04:00
|
|
|
}
|
2014-02-24 10:15:53 +04:00
|
|
|
#endif
|
2014-02-10 23:41:12 +04:00
|
|
|
|
2014-06-03 21:47:25 +04:00
|
|
|
// XXX: This would be cleaner and more efficient if we could get the trust
|
|
|
|
// information without constructing a CERTCertificate here, but NSS doesn't
|
|
|
|
// expose it in any other easy-to-use fashion. The use of
|
|
|
|
// CERT_NewTempCertificate to get a CERTCertificate shouldn't be a
|
|
|
|
// performance problem because NSS will just find the existing
|
|
|
|
// CERTCertificate in its in-memory cache and return it.
|
2014-07-31 23:17:31 +04:00
|
|
|
SECItem candidateCertDERSECItem = UnsafeMapInputToSECItem(candidateCertDER);
|
2014-06-03 21:47:25 +04:00
|
|
|
ScopedCERTCertificate candidateCert(
|
2014-07-19 09:30:51 +04:00
|
|
|
CERT_NewTempCertificate(CERT_GetDefaultCertDB(), &candidateCertDERSECItem,
|
|
|
|
nullptr, false, true));
|
2014-06-03 21:47:25 +04:00
|
|
|
if (!candidateCert) {
|
2014-07-18 22:48:49 +04:00
|
|
|
return MapPRErrorCodeToResult(PR_GetError());
|
2014-06-03 21:47:25 +04:00
|
|
|
}
|
|
|
|
|
2015-02-26 06:38:00 +03:00
|
|
|
// Check the certificate against the OneCRL cert blocklist
|
|
|
|
if (!mCertBlocklist) {
|
|
|
|
return Result::FATAL_ERROR_LIBRARY_FAILURE;
|
|
|
|
}
|
|
|
|
|
|
|
|
bool isCertRevoked;
|
|
|
|
nsresult nsrv = mCertBlocklist->IsCertRevoked(
|
|
|
|
candidateCert->derIssuer.data,
|
|
|
|
candidateCert->derIssuer.len,
|
|
|
|
candidateCert->serialNumber.data,
|
|
|
|
candidateCert->serialNumber.len,
|
2015-04-01 01:10:09 +03:00
|
|
|
candidateCert->derSubject.data,
|
|
|
|
candidateCert->derSubject.len,
|
|
|
|
candidateCert->derPublicKey.data,
|
|
|
|
candidateCert->derPublicKey.len,
|
2015-02-26 06:38:00 +03:00
|
|
|
&isCertRevoked);
|
|
|
|
if (NS_FAILED(nsrv)) {
|
|
|
|
return Result::FATAL_ERROR_LIBRARY_FAILURE;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (isCertRevoked) {
|
2015-06-04 01:25:57 +03:00
|
|
|
MOZ_LOG(gCertVerifierLog, LogLevel::Debug,
|
2015-02-26 06:38:00 +03:00
|
|
|
("NSSCertDBTrustDomain: certificate is in blocklist"));
|
|
|
|
return Result::ERROR_REVOKED_CERTIFICATE;
|
|
|
|
}
|
|
|
|
|
2014-02-10 23:41:12 +04:00
|
|
|
// XXX: CERT_GetCertTrust seems to be abusing SECStatus as a boolean, where
|
|
|
|
// SECSuccess means that there is a trust record and SECFailure means there
|
|
|
|
// is not a trust record. I looked at NSS's internal uses of
|
|
|
|
// CERT_GetCertTrust, and all that code uses the result as a boolean meaning
|
|
|
|
// "We have a trust record."
|
|
|
|
CERTCertTrust trust;
|
2014-06-03 21:47:25 +04:00
|
|
|
if (CERT_GetCertTrust(candidateCert.get(), &trust) == SECSuccess) {
|
2014-08-08 16:39:07 +04:00
|
|
|
uint32_t flags = SEC_GET_TRUST_FLAGS(&trust, mCertDBTrustType);
|
2014-02-10 23:41:12 +04:00
|
|
|
|
|
|
|
// For DISTRUST, we use the CERTDB_TRUSTED or CERTDB_TRUSTED_CA bit,
|
|
|
|
// because we can have active distrust for either type of cert. Note that
|
|
|
|
// CERTDB_TERMINAL_RECORD means "stop trying to inherit trust" so if the
|
|
|
|
// relevant trust bit isn't set then that means the cert must be considered
|
|
|
|
// distrusted.
|
2014-08-08 16:39:07 +04:00
|
|
|
uint32_t relevantTrustBit =
|
2014-04-26 03:29:26 +04:00
|
|
|
endEntityOrCA == EndEntityOrCA::MustBeCA ? CERTDB_TRUSTED_CA
|
|
|
|
: CERTDB_TRUSTED;
|
2014-02-10 23:41:12 +04:00
|
|
|
if (((flags & (relevantTrustBit|CERTDB_TERMINAL_RECORD)))
|
|
|
|
== CERTDB_TERMINAL_RECORD) {
|
2014-07-20 22:06:26 +04:00
|
|
|
trustLevel = TrustLevel::ActivelyDistrusted;
|
2014-07-18 22:48:49 +04:00
|
|
|
return Success;
|
2014-02-10 23:41:12 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
// For TRUST, we only use the CERTDB_TRUSTED_CA bit, because Gecko hasn't
|
|
|
|
// needed to consider end-entity certs to be their own trust anchors since
|
|
|
|
// Gecko implemented nsICertOverrideService.
|
|
|
|
if (flags & CERTDB_TRUSTED_CA) {
|
2014-05-16 05:59:52 +04:00
|
|
|
if (policy.IsAnyPolicy()) {
|
2014-07-20 22:06:26 +04:00
|
|
|
trustLevel = TrustLevel::TrustAnchor;
|
2014-07-18 22:48:49 +04:00
|
|
|
return Success;
|
2014-02-24 10:15:53 +04:00
|
|
|
}
|
|
|
|
#ifndef MOZ_NO_EV_CERTS
|
2014-06-03 21:47:25 +04:00
|
|
|
if (CertIsAuthoritativeForEVPolicy(candidateCert.get(), policy)) {
|
2014-07-20 22:06:26 +04:00
|
|
|
trustLevel = TrustLevel::TrustAnchor;
|
2014-07-18 22:48:49 +04:00
|
|
|
return Success;
|
2014-02-24 10:15:53 +04:00
|
|
|
}
|
|
|
|
#endif
|
2014-02-10 23:41:12 +04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-07-20 22:06:26 +04:00
|
|
|
trustLevel = TrustLevel::InheritsTrust;
|
2014-07-18 22:48:49 +04:00
|
|
|
return Success;
|
2014-02-10 23:41:12 +04:00
|
|
|
}
|
|
|
|
|
2014-07-18 22:48:49 +04:00
|
|
|
Result
|
2015-02-07 23:14:31 +03:00
|
|
|
NSSCertDBTrustDomain::DigestBuf(Input item, DigestAlgorithm digestAlg,
|
2014-07-07 06:36:05 +04:00
|
|
|
/*out*/ uint8_t* digestBuf, size_t digestBufLen)
|
|
|
|
{
|
2015-02-07 23:14:31 +03:00
|
|
|
return DigestBufNSS(item, digestAlg, digestBuf, digestBufLen);
|
2014-07-07 06:36:05 +04:00
|
|
|
}
|
|
|
|
|
2014-05-02 02:07:55 +04:00
|
|
|
static PRIntervalTime
|
|
|
|
OCSPFetchingTypeToTimeoutTime(NSSCertDBTrustDomain::OCSPFetching ocspFetching)
|
|
|
|
{
|
|
|
|
switch (ocspFetching) {
|
|
|
|
case NSSCertDBTrustDomain::FetchOCSPForDVSoftFail:
|
|
|
|
return PR_SecondsToInterval(2);
|
|
|
|
case NSSCertDBTrustDomain::FetchOCSPForEV:
|
|
|
|
case NSSCertDBTrustDomain::FetchOCSPForDVHardFail:
|
|
|
|
return PR_SecondsToInterval(10);
|
|
|
|
// The rest of these are error cases. Assert in debug builds, but return
|
|
|
|
// the default value corresponding to 2 seconds in release builds.
|
|
|
|
case NSSCertDBTrustDomain::NeverFetchOCSP:
|
|
|
|
case NSSCertDBTrustDomain::LocalOnlyOCSPForEV:
|
|
|
|
PR_NOT_REACHED("we should never see this OCSPFetching type here");
|
2015-12-25 10:03:35 +03:00
|
|
|
break;
|
2014-05-02 02:07:55 +04:00
|
|
|
}
|
2015-12-25 10:03:35 +03:00
|
|
|
|
|
|
|
PR_NOT_REACHED("we're not handling every OCSPFetching type");
|
2014-05-02 02:07:55 +04:00
|
|
|
return PR_SecondsToInterval(2);
|
|
|
|
}
|
|
|
|
|
2014-06-20 21:10:51 +04:00
|
|
|
// Copied and modified from CERT_GetOCSPAuthorityInfoAccessLocation and
|
|
|
|
// CERT_GetGeneralNameByType. Returns SECFailure on error, SECSuccess
|
|
|
|
// with url == nullptr when an OCSP URI was not found, and SECSuccess with
|
|
|
|
// url != nullptr when an OCSP URI was found. The output url will be owned
|
|
|
|
// by the arena.
|
2014-07-18 22:48:49 +04:00
|
|
|
static Result
|
2014-06-20 21:10:51 +04:00
|
|
|
GetOCSPAuthorityInfoAccessLocation(PLArenaPool* arena,
|
2014-07-31 23:17:31 +04:00
|
|
|
Input aiaExtension,
|
2014-06-20 21:10:51 +04:00
|
|
|
/*out*/ char const*& url)
|
|
|
|
{
|
|
|
|
url = nullptr;
|
2014-07-31 23:17:31 +04:00
|
|
|
SECItem aiaExtensionSECItem = UnsafeMapInputToSECItem(aiaExtension);
|
2014-07-19 09:30:51 +04:00
|
|
|
CERTAuthInfoAccess** aia =
|
|
|
|
CERT_DecodeAuthInfoAccessExtension(arena, &aiaExtensionSECItem);
|
2014-06-20 21:10:51 +04:00
|
|
|
if (!aia) {
|
2014-07-18 22:48:49 +04:00
|
|
|
return Result::ERROR_CERT_BAD_ACCESS_LOCATION;
|
2014-06-20 21:10:51 +04:00
|
|
|
}
|
|
|
|
for (size_t i = 0; aia[i]; ++i) {
|
|
|
|
if (SECOID_FindOIDTag(&aia[i]->method) == SEC_OID_PKIX_OCSP) {
|
|
|
|
// NSS chooses the **last** OCSP URL; we choose the **first**
|
|
|
|
CERTGeneralName* current = aia[i]->location;
|
|
|
|
if (!current) {
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
do {
|
|
|
|
if (current->type == certURI) {
|
|
|
|
const SECItem& location = current->name.other;
|
|
|
|
// (location.len + 1) must be small enough to fit into a uint32_t,
|
|
|
|
// but we limit it to a smaller bound to reduce OOM risk.
|
|
|
|
if (location.len > 1024 || memchr(location.data, 0, location.len)) {
|
|
|
|
// Reject embedded nulls. (NSS doesn't do this)
|
2014-07-18 22:48:49 +04:00
|
|
|
return Result::ERROR_CERT_BAD_ACCESS_LOCATION;
|
2014-06-20 21:10:51 +04:00
|
|
|
}
|
|
|
|
// Copy the non-null-terminated SECItem into a null-terminated string.
|
|
|
|
char* nullTerminatedURL(static_cast<char*>(
|
|
|
|
PORT_ArenaAlloc(arena, location.len + 1)));
|
|
|
|
if (!nullTerminatedURL) {
|
2014-07-18 22:48:49 +04:00
|
|
|
return Result::FATAL_ERROR_NO_MEMORY;
|
2014-06-20 21:10:51 +04:00
|
|
|
}
|
|
|
|
memcpy(nullTerminatedURL, location.data, location.len);
|
|
|
|
nullTerminatedURL[location.len] = 0;
|
|
|
|
url = nullTerminatedURL;
|
2014-07-18 22:48:49 +04:00
|
|
|
return Success;
|
2014-06-20 21:10:51 +04:00
|
|
|
}
|
|
|
|
current = CERT_GetNextGeneralName(current);
|
|
|
|
} while (current != aia[i]->location);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-07-18 22:48:49 +04:00
|
|
|
return Success;
|
2014-06-20 21:10:51 +04:00
|
|
|
}
|
|
|
|
|
2014-07-18 22:48:49 +04:00
|
|
|
Result
|
2014-06-20 21:10:51 +04:00
|
|
|
NSSCertDBTrustDomain::CheckRevocation(EndEntityOrCA endEntityOrCA,
|
2014-08-02 19:49:12 +04:00
|
|
|
const CertID& certID, Time time,
|
2015-04-07 02:10:28 +03:00
|
|
|
Duration validityDuration,
|
2014-07-31 23:17:31 +04:00
|
|
|
/*optional*/ const Input* stapledOCSPResponse,
|
|
|
|
/*optional*/ const Input* aiaExtension)
|
2014-02-17 05:35:40 +04:00
|
|
|
{
|
|
|
|
// Actively distrusted certificates will have already been blocked by
|
|
|
|
// GetCertTrust.
|
|
|
|
|
|
|
|
// TODO: need to verify that IsRevoked isn't called for trust anchors AND
|
2014-03-21 01:29:21 +04:00
|
|
|
// that that fact is documented in mozillapkix.
|
2014-02-17 05:35:40 +04:00
|
|
|
|
2015-06-04 01:25:57 +03:00
|
|
|
MOZ_LOG(gCertVerifierLog, LogLevel::Debug,
|
2014-02-17 05:35:40 +04:00
|
|
|
("NSSCertDBTrustDomain: Top of CheckRevocation\n"));
|
|
|
|
|
2014-05-31 03:12:36 +04:00
|
|
|
// Bug 991815: The BR allow OCSP for intermediates to be up to one year old.
|
|
|
|
// Since this affects EV there is no reason why DV should be more strict
|
|
|
|
// so all intermediatates are allowed to have OCSP responses up to one year
|
|
|
|
// old.
|
|
|
|
uint16_t maxOCSPLifetimeInDays = 10;
|
|
|
|
if (endEntityOrCA == EndEntityOrCA::MustBeCA) {
|
|
|
|
maxOCSPLifetimeInDays = 365;
|
|
|
|
}
|
|
|
|
|
2014-02-17 05:35:40 +04:00
|
|
|
// If we have a stapled OCSP response then the verification of that response
|
|
|
|
// determines the result unless the OCSP response is expired. We make an
|
|
|
|
// exception for expired responses because some servers, nginx in particular,
|
|
|
|
// are known to serve expired responses due to bugs.
|
2014-06-20 20:01:57 +04:00
|
|
|
// We keep track of the result of verifying the stapled response but don't
|
|
|
|
// immediately return failure if the response has expired.
|
2014-12-20 18:03:57 +03:00
|
|
|
//
|
|
|
|
// We only set the OCSP stapling status if we're validating the end-entity
|
|
|
|
// certificate. Non-end-entity certificates would always be
|
|
|
|
// OCSP_STAPLING_NONE unless/until we implement multi-stapling.
|
2014-07-18 22:48:49 +04:00
|
|
|
Result stapledOCSPResponseResult = Success;
|
2014-02-17 05:35:40 +04:00
|
|
|
if (stapledOCSPResponse) {
|
2014-04-26 03:29:26 +04:00
|
|
|
PR_ASSERT(endEntityOrCA == EndEntityOrCA::MustBeEndEntity);
|
2014-06-20 20:01:57 +04:00
|
|
|
bool expired;
|
2014-07-18 22:48:49 +04:00
|
|
|
stapledOCSPResponseResult =
|
|
|
|
VerifyAndMaybeCacheEncodedOCSPResponse(certID, time,
|
|
|
|
maxOCSPLifetimeInDays,
|
|
|
|
*stapledOCSPResponse,
|
|
|
|
ResponseWasStapled, expired);
|
|
|
|
if (stapledOCSPResponseResult == Success) {
|
2014-03-13 20:41:03 +04:00
|
|
|
// stapled OCSP response present and good
|
2014-12-12 10:22:35 +03:00
|
|
|
mOCSPStaplingStatus = CertVerifier::OCSP_STAPLING_GOOD;
|
2015-06-04 01:25:57 +03:00
|
|
|
MOZ_LOG(gCertVerifierLog, LogLevel::Debug,
|
2014-03-13 00:08:48 +04:00
|
|
|
("NSSCertDBTrustDomain: stapled OCSP response: good"));
|
2014-07-18 22:48:49 +04:00
|
|
|
return Success;
|
2014-02-17 05:35:40 +04:00
|
|
|
}
|
2014-07-18 22:48:49 +04:00
|
|
|
if (stapledOCSPResponseResult == Result::ERROR_OCSP_OLD_RESPONSE ||
|
2014-06-20 20:01:57 +04:00
|
|
|
expired) {
|
|
|
|
// stapled OCSP response present but expired
|
2014-12-12 10:22:35 +03:00
|
|
|
mOCSPStaplingStatus = CertVerifier::OCSP_STAPLING_EXPIRED;
|
2015-06-04 01:25:57 +03:00
|
|
|
MOZ_LOG(gCertVerifierLog, LogLevel::Debug,
|
2014-06-20 20:01:57 +04:00
|
|
|
("NSSCertDBTrustDomain: expired stapled OCSP response"));
|
|
|
|
} else {
|
2014-03-13 20:41:03 +04:00
|
|
|
// stapled OCSP response present but invalid for some reason
|
2014-12-12 10:22:35 +03:00
|
|
|
mOCSPStaplingStatus = CertVerifier::OCSP_STAPLING_INVALID;
|
2015-06-04 01:25:57 +03:00
|
|
|
MOZ_LOG(gCertVerifierLog, LogLevel::Debug,
|
2014-03-13 00:08:48 +04:00
|
|
|
("NSSCertDBTrustDomain: stapled OCSP response: failure"));
|
2014-07-18 22:48:49 +04:00
|
|
|
return stapledOCSPResponseResult;
|
2014-02-17 05:35:40 +04:00
|
|
|
}
|
2014-12-20 18:03:57 +03:00
|
|
|
} else if (endEntityOrCA == EndEntityOrCA::MustBeEndEntity) {
|
2014-03-13 20:41:03 +04:00
|
|
|
// no stapled OCSP response
|
2014-12-12 10:22:35 +03:00
|
|
|
mOCSPStaplingStatus = CertVerifier::OCSP_STAPLING_NONE;
|
2015-06-04 01:25:57 +03:00
|
|
|
MOZ_LOG(gCertVerifierLog, LogLevel::Debug,
|
2014-03-13 00:08:48 +04:00
|
|
|
("NSSCertDBTrustDomain: no stapled OCSP response"));
|
2014-02-17 05:35:40 +04:00
|
|
|
}
|
|
|
|
|
2014-07-18 22:48:49 +04:00
|
|
|
Result cachedResponseResult = Success;
|
2014-08-02 19:49:12 +04:00
|
|
|
Time cachedResponseValidThrough(Time::uninitialized);
|
2014-06-20 21:10:51 +04:00
|
|
|
bool cachedResponsePresent = mOCSPCache.Get(certID,
|
2014-07-18 22:48:49 +04:00
|
|
|
cachedResponseResult,
|
2014-03-13 00:08:48 +04:00
|
|
|
cachedResponseValidThrough);
|
|
|
|
if (cachedResponsePresent) {
|
2014-07-18 22:48:49 +04:00
|
|
|
if (cachedResponseResult == Success && cachedResponseValidThrough >= time) {
|
2015-06-04 01:25:57 +03:00
|
|
|
MOZ_LOG(gCertVerifierLog, LogLevel::Debug,
|
2014-03-13 00:08:48 +04:00
|
|
|
("NSSCertDBTrustDomain: cached OCSP response: good"));
|
2014-07-18 22:48:49 +04:00
|
|
|
return Success;
|
2014-03-13 00:08:48 +04:00
|
|
|
}
|
|
|
|
// If we have a cached revoked response, use it.
|
2014-07-18 22:48:49 +04:00
|
|
|
if (cachedResponseResult == Result::ERROR_REVOKED_CERTIFICATE) {
|
2015-06-04 01:25:57 +03:00
|
|
|
MOZ_LOG(gCertVerifierLog, LogLevel::Debug,
|
2014-03-13 00:08:48 +04:00
|
|
|
("NSSCertDBTrustDomain: cached OCSP response: revoked"));
|
2014-07-18 22:48:49 +04:00
|
|
|
return Result::ERROR_REVOKED_CERTIFICATE;
|
2014-03-13 00:08:48 +04:00
|
|
|
}
|
|
|
|
// The cached response may indicate an unknown certificate or it may be
|
|
|
|
// expired. Don't return with either of these statuses yet - we may be
|
|
|
|
// able to fetch a more recent one.
|
2015-06-04 01:25:57 +03:00
|
|
|
MOZ_LOG(gCertVerifierLog, LogLevel::Debug,
|
2015-12-29 04:41:54 +03:00
|
|
|
("NSSCertDBTrustDomain: cached OCSP response: error %d",
|
|
|
|
cachedResponseResult));
|
2014-03-13 00:08:48 +04:00
|
|
|
// When a good cached response has expired, it is more convenient
|
|
|
|
// to convert that to an error code and just deal with
|
2014-07-18 22:48:49 +04:00
|
|
|
// cachedResponseResult from here on out.
|
|
|
|
if (cachedResponseResult == Success && cachedResponseValidThrough < time) {
|
|
|
|
cachedResponseResult = Result::ERROR_OCSP_OLD_RESPONSE;
|
2014-03-13 00:08:48 +04:00
|
|
|
}
|
2014-04-29 03:38:15 +04:00
|
|
|
// We may have a cached indication of server failure. Ignore it if
|
|
|
|
// it has expired.
|
2014-07-18 22:48:49 +04:00
|
|
|
if (cachedResponseResult != Success &&
|
|
|
|
cachedResponseResult != Result::ERROR_OCSP_UNKNOWN_CERT &&
|
|
|
|
cachedResponseResult != Result::ERROR_OCSP_OLD_RESPONSE &&
|
2014-04-29 03:38:15 +04:00
|
|
|
cachedResponseValidThrough < time) {
|
2014-07-18 22:48:49 +04:00
|
|
|
cachedResponseResult = Success;
|
2014-04-29 03:38:15 +04:00
|
|
|
cachedResponsePresent = false;
|
|
|
|
}
|
2014-03-13 00:08:48 +04:00
|
|
|
} else {
|
2015-06-04 01:25:57 +03:00
|
|
|
MOZ_LOG(gCertVerifierLog, LogLevel::Debug,
|
2014-03-13 00:08:48 +04:00
|
|
|
("NSSCertDBTrustDomain: no cached OCSP response"));
|
|
|
|
}
|
2014-07-18 22:48:49 +04:00
|
|
|
// At this point, if and only if cachedErrorResult is Success, there was no
|
2014-03-13 00:08:48 +04:00
|
|
|
// cached response.
|
2014-07-18 22:48:49 +04:00
|
|
|
PR_ASSERT((!cachedResponsePresent && cachedResponseResult == Success) ||
|
|
|
|
(cachedResponsePresent && cachedResponseResult != Success));
|
2014-02-17 05:35:40 +04:00
|
|
|
|
2015-05-07 20:54:05 +03:00
|
|
|
// If we have a fresh OneCRL Blocklist we can skip OCSP for CA certs
|
|
|
|
bool blocklistIsFresh;
|
|
|
|
nsresult nsrv = mCertBlocklist->IsBlocklistFresh(&blocklistIsFresh);
|
|
|
|
if (NS_FAILED(nsrv)) {
|
|
|
|
return Result::FATAL_ERROR_LIBRARY_FAILURE;
|
|
|
|
}
|
|
|
|
|
2014-02-24 10:15:53 +04:00
|
|
|
// TODO: We still need to handle the fallback for expired responses. But,
|
|
|
|
// if/when we disable OCSP fetching by default, it would be ambiguous whether
|
|
|
|
// security.OCSP.enable==0 means "I want the default" or "I really never want
|
|
|
|
// you to ever fetch OCSP."
|
2014-02-17 05:35:40 +04:00
|
|
|
|
2015-04-07 02:10:28 +03:00
|
|
|
Duration shortLifetime(mCertShortLifetimeInDays * Time::ONE_DAY_IN_SECONDS);
|
|
|
|
|
2015-05-16 23:38:34 +03:00
|
|
|
if ((mOCSPFetching == NeverFetchOCSP) ||
|
|
|
|
(validityDuration < shortLifetime) ||
|
|
|
|
(endEntityOrCA == EndEntityOrCA::MustBeCA &&
|
|
|
|
(mOCSPFetching == FetchOCSPForDVHardFail ||
|
|
|
|
mOCSPFetching == FetchOCSPForDVSoftFail ||
|
|
|
|
blocklistIsFresh))) {
|
2014-03-13 00:08:48 +04:00
|
|
|
// We're not going to be doing any fetching, so if there was a cached
|
|
|
|
// "unknown" response, say so.
|
2014-07-18 22:48:49 +04:00
|
|
|
if (cachedResponseResult == Result::ERROR_OCSP_UNKNOWN_CERT) {
|
|
|
|
return Result::ERROR_OCSP_UNKNOWN_CERT;
|
2014-03-13 00:08:48 +04:00
|
|
|
}
|
|
|
|
// If we're doing hard-fail, we want to know if we have a cached response
|
|
|
|
// that has expired.
|
|
|
|
if (mOCSPFetching == FetchOCSPForDVHardFail &&
|
2014-07-18 22:48:49 +04:00
|
|
|
cachedResponseResult == Result::ERROR_OCSP_OLD_RESPONSE) {
|
|
|
|
return Result::ERROR_OCSP_OLD_RESPONSE;
|
2014-03-13 00:08:48 +04:00
|
|
|
}
|
|
|
|
|
2014-07-18 22:48:49 +04:00
|
|
|
return Success;
|
2014-02-24 10:15:53 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
if (mOCSPFetching == LocalOnlyOCSPForEV) {
|
2014-07-18 22:48:49 +04:00
|
|
|
if (cachedResponseResult != Success) {
|
|
|
|
return cachedResponseResult;
|
|
|
|
}
|
|
|
|
return Result::ERROR_OCSP_UNKNOWN_CERT;
|
2014-02-24 10:15:53 +04:00
|
|
|
}
|
|
|
|
|
2014-06-20 21:10:51 +04:00
|
|
|
ScopedPLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
|
|
|
|
if (!arena) {
|
2014-07-18 22:48:49 +04:00
|
|
|
return Result::FATAL_ERROR_NO_MEMORY;
|
2014-06-20 21:10:51 +04:00
|
|
|
}
|
|
|
|
|
2014-07-18 22:48:49 +04:00
|
|
|
Result rv;
|
2014-06-20 21:10:51 +04:00
|
|
|
const char* url = nullptr; // owned by the arena
|
|
|
|
|
|
|
|
if (aiaExtension) {
|
2014-07-18 22:48:49 +04:00
|
|
|
rv = GetOCSPAuthorityInfoAccessLocation(arena.get(), *aiaExtension, url);
|
|
|
|
if (rv != Success) {
|
|
|
|
return rv;
|
2014-06-20 21:10:51 +04:00
|
|
|
}
|
|
|
|
}
|
2014-02-24 10:15:53 +04:00
|
|
|
|
|
|
|
if (!url) {
|
2014-03-13 00:08:48 +04:00
|
|
|
if (mOCSPFetching == FetchOCSPForEV ||
|
2014-07-18 22:48:49 +04:00
|
|
|
cachedResponseResult == Result::ERROR_OCSP_UNKNOWN_CERT) {
|
|
|
|
return Result::ERROR_OCSP_UNKNOWN_CERT;
|
2014-02-24 10:15:53 +04:00
|
|
|
}
|
2014-07-18 22:48:49 +04:00
|
|
|
if (cachedResponseResult == Result::ERROR_OCSP_OLD_RESPONSE) {
|
|
|
|
return Result::ERROR_OCSP_OLD_RESPONSE;
|
2014-02-24 10:15:53 +04:00
|
|
|
}
|
2014-07-18 22:48:49 +04:00
|
|
|
if (stapledOCSPResponseResult != Success) {
|
|
|
|
return stapledOCSPResponseResult;
|
2014-06-20 20:01:57 +04:00
|
|
|
}
|
2014-02-17 05:35:40 +04:00
|
|
|
|
|
|
|
// Nothing to do if we don't have an OCSP responder URI for the cert; just
|
|
|
|
// assume it is good. Note that this is the confusing, but intended,
|
|
|
|
// interpretation of "strict" revocation checking in the face of a
|
|
|
|
// certificate that lacks an OCSP responder URI.
|
2014-07-18 22:48:49 +04:00
|
|
|
return Success;
|
2014-02-24 10:15:53 +04:00
|
|
|
}
|
2014-02-17 05:35:40 +04:00
|
|
|
|
2014-04-29 03:38:15 +04:00
|
|
|
// Only request a response if we didn't have a cached indication of failure
|
|
|
|
// (don't keep requesting responses from a failing server).
|
2014-07-31 23:17:31 +04:00
|
|
|
Input response;
|
2014-07-26 03:59:22 +04:00
|
|
|
bool attemptedRequest;
|
2014-07-18 22:48:49 +04:00
|
|
|
if (cachedResponseResult == Success ||
|
|
|
|
cachedResponseResult == Result::ERROR_OCSP_UNKNOWN_CERT ||
|
|
|
|
cachedResponseResult == Result::ERROR_OCSP_OLD_RESPONSE) {
|
|
|
|
uint8_t ocspRequest[OCSP_REQUEST_MAX_LENGTH];
|
|
|
|
size_t ocspRequestLength;
|
|
|
|
rv = CreateEncodedOCSPRequest(*this, certID, ocspRequest,
|
|
|
|
ocspRequestLength);
|
|
|
|
if (rv != Success) {
|
|
|
|
return rv;
|
2014-04-29 03:38:15 +04:00
|
|
|
}
|
2014-07-18 22:48:49 +04:00
|
|
|
SECItem ocspRequestItem = {
|
|
|
|
siBuffer,
|
|
|
|
ocspRequest,
|
|
|
|
static_cast<unsigned int>(ocspRequestLength)
|
|
|
|
};
|
2014-07-19 09:30:51 +04:00
|
|
|
// Owned by arena
|
2016-03-19 07:11:03 +03:00
|
|
|
SECItem* responseSECItem = nullptr;
|
|
|
|
Result tempRV =
|
2014-07-19 09:30:51 +04:00
|
|
|
DoOCSPRequest(arena.get(), url, &ocspRequestItem,
|
|
|
|
OCSPFetchingTypeToTimeoutTime(mOCSPFetching),
|
2016-03-19 07:11:03 +03:00
|
|
|
mOCSPGetConfig == CertVerifier::ocspGetEnabled,
|
|
|
|
responseSECItem);
|
|
|
|
MOZ_ASSERT((tempRV != Success) || responseSECItem);
|
|
|
|
if (tempRV != Success) {
|
|
|
|
rv = tempRV;
|
2014-07-19 09:30:51 +04:00
|
|
|
} else if (response.Init(responseSECItem->data, responseSECItem->len)
|
|
|
|
!= Success) {
|
|
|
|
rv = Result::ERROR_OCSP_MALFORMED_RESPONSE; // too big
|
2014-07-26 03:59:22 +04:00
|
|
|
}
|
|
|
|
attemptedRequest = true;
|
|
|
|
} else {
|
2014-07-18 22:48:49 +04:00
|
|
|
rv = cachedResponseResult;
|
2014-07-26 03:59:22 +04:00
|
|
|
attemptedRequest = false;
|
2014-02-24 10:15:53 +04:00
|
|
|
}
|
2014-02-17 05:35:40 +04:00
|
|
|
|
2014-07-19 09:30:51 +04:00
|
|
|
if (response.GetLength() == 0) {
|
2014-07-18 22:48:49 +04:00
|
|
|
Result error = rv;
|
2014-07-26 03:59:22 +04:00
|
|
|
if (attemptedRequest) {
|
2014-08-02 19:49:12 +04:00
|
|
|
Time timeout(time);
|
2014-11-21 21:43:43 +03:00
|
|
|
if (timeout.AddSeconds(ServerFailureDelaySeconds) != Success) {
|
2014-08-02 19:49:12 +04:00
|
|
|
return Result::FATAL_ERROR_LIBRARY_FAILURE; // integer overflow
|
|
|
|
}
|
2014-07-18 22:48:49 +04:00
|
|
|
rv = mOCSPCache.Put(certID, error, time, timeout);
|
|
|
|
if (rv != Success) {
|
|
|
|
return rv;
|
2014-07-26 03:59:22 +04:00
|
|
|
}
|
2014-04-29 03:38:15 +04:00
|
|
|
}
|
2014-02-24 10:15:53 +04:00
|
|
|
if (mOCSPFetching != FetchOCSPForDVSoftFail) {
|
2015-06-04 01:25:57 +03:00
|
|
|
MOZ_LOG(gCertVerifierLog, LogLevel::Debug,
|
2014-02-24 10:15:53 +04:00
|
|
|
("NSSCertDBTrustDomain: returning SECFailure after "
|
2014-05-02 02:07:55 +04:00
|
|
|
"OCSP request failure"));
|
2014-07-18 22:48:49 +04:00
|
|
|
return error;
|
2014-02-17 05:35:40 +04:00
|
|
|
}
|
2014-07-18 22:48:49 +04:00
|
|
|
if (cachedResponseResult == Result::ERROR_OCSP_UNKNOWN_CERT) {
|
2015-06-04 01:25:57 +03:00
|
|
|
MOZ_LOG(gCertVerifierLog, LogLevel::Debug,
|
2014-03-13 00:08:48 +04:00
|
|
|
("NSSCertDBTrustDomain: returning SECFailure from cached "
|
2014-05-02 02:07:55 +04:00
|
|
|
"response after OCSP request failure"));
|
2014-07-18 22:48:49 +04:00
|
|
|
return cachedResponseResult;
|
2014-03-13 00:08:48 +04:00
|
|
|
}
|
2014-07-18 22:48:49 +04:00
|
|
|
if (stapledOCSPResponseResult != Success) {
|
2015-06-04 01:25:57 +03:00
|
|
|
MOZ_LOG(gCertVerifierLog, LogLevel::Debug,
|
2014-06-06 20:20:50 +04:00
|
|
|
("NSSCertDBTrustDomain: returning SECFailure from expired "
|
|
|
|
"stapled response after OCSP request failure"));
|
2014-07-18 22:48:49 +04:00
|
|
|
return stapledOCSPResponseResult;
|
2014-06-06 20:20:50 +04:00
|
|
|
}
|
2014-02-17 05:35:40 +04:00
|
|
|
|
2015-06-04 01:25:57 +03:00
|
|
|
MOZ_LOG(gCertVerifierLog, LogLevel::Debug,
|
2014-02-24 10:15:53 +04:00
|
|
|
("NSSCertDBTrustDomain: returning SECSuccess after "
|
2014-05-02 02:07:55 +04:00
|
|
|
"OCSP request failure"));
|
2014-07-18 22:48:49 +04:00
|
|
|
return Success; // Soft fail -> success :(
|
2014-02-24 10:15:53 +04:00
|
|
|
}
|
|
|
|
|
2014-06-20 20:01:57 +04:00
|
|
|
// If the response from the network has expired but indicates a revoked
|
|
|
|
// or unknown certificate, PR_GetError() will return the appropriate error.
|
|
|
|
// We actually ignore expired here.
|
|
|
|
bool expired;
|
2014-07-18 22:48:49 +04:00
|
|
|
rv = VerifyAndMaybeCacheEncodedOCSPResponse(certID, time,
|
|
|
|
maxOCSPLifetimeInDays,
|
2014-07-19 09:30:51 +04:00
|
|
|
response, ResponseIsFromNetwork,
|
2014-07-18 22:48:49 +04:00
|
|
|
expired);
|
|
|
|
if (rv == Success || mOCSPFetching != FetchOCSPForDVSoftFail) {
|
2015-06-04 01:25:57 +03:00
|
|
|
MOZ_LOG(gCertVerifierLog, LogLevel::Debug,
|
2014-02-24 10:15:53 +04:00
|
|
|
("NSSCertDBTrustDomain: returning after VerifyEncodedOCSPResponse"));
|
|
|
|
return rv;
|
|
|
|
}
|
|
|
|
|
2014-07-18 22:48:49 +04:00
|
|
|
if (rv == Result::ERROR_OCSP_UNKNOWN_CERT ||
|
|
|
|
rv == Result::ERROR_REVOKED_CERTIFICATE) {
|
2014-02-24 10:15:53 +04:00
|
|
|
return rv;
|
2014-02-17 05:35:40 +04:00
|
|
|
}
|
2014-07-18 22:48:49 +04:00
|
|
|
if (stapledOCSPResponseResult != Success) {
|
2015-06-04 01:25:57 +03:00
|
|
|
MOZ_LOG(gCertVerifierLog, LogLevel::Debug,
|
2014-06-06 20:20:50 +04:00
|
|
|
("NSSCertDBTrustDomain: returning SECFailure from expired stapled "
|
|
|
|
"response after OCSP request verification failure"));
|
2014-07-18 22:48:49 +04:00
|
|
|
return stapledOCSPResponseResult;
|
2014-06-06 20:20:50 +04:00
|
|
|
}
|
|
|
|
|
2015-06-04 01:25:57 +03:00
|
|
|
MOZ_LOG(gCertVerifierLog, LogLevel::Debug,
|
2014-02-17 05:35:40 +04:00
|
|
|
("NSSCertDBTrustDomain: end of CheckRevocation"));
|
|
|
|
|
2014-07-18 22:48:49 +04:00
|
|
|
return Success; // Soft fail -> success :(
|
2014-02-17 05:35:40 +04:00
|
|
|
}
|
|
|
|
|
2014-07-18 22:48:49 +04:00
|
|
|
Result
|
2014-03-13 00:08:48 +04:00
|
|
|
NSSCertDBTrustDomain::VerifyAndMaybeCacheEncodedOCSPResponse(
|
2014-08-02 19:49:12 +04:00
|
|
|
const CertID& certID, Time time, uint16_t maxLifetimeInDays,
|
2014-07-31 23:17:31 +04:00
|
|
|
Input encodedResponse, EncodedResponseSource responseSource,
|
2014-06-20 21:10:51 +04:00
|
|
|
/*out*/ bool& expired)
|
2014-03-13 00:08:48 +04:00
|
|
|
{
|
2014-08-02 19:49:12 +04:00
|
|
|
Time thisUpdate(Time::uninitialized);
|
|
|
|
Time validThrough(Time::uninitialized);
|
2015-07-17 19:07:48 +03:00
|
|
|
|
|
|
|
// We use a try and fallback approach which first mandates good signature
|
|
|
|
// digest algorithms, then falls back to SHA-1 if this fails. If a delegated
|
|
|
|
// OCSP response signing certificate was issued with a SHA-1 signature,
|
|
|
|
// verification initially fails. We cache the failure and then re-use that
|
|
|
|
// result even when doing fallback (i.e. when weak signature digest algorithms
|
|
|
|
// should succeed). To address this we use an OCSPVerificationTrustDomain
|
|
|
|
// here, rather than using *this, to ensure verification succeeds for all
|
|
|
|
// allowed signature digest algorithms.
|
|
|
|
OCSPVerificationTrustDomain trustDomain(*this);
|
|
|
|
Result rv = VerifyEncodedOCSPResponse(trustDomain, certID, time,
|
2014-07-18 22:48:49 +04:00
|
|
|
maxLifetimeInDays, encodedResponse,
|
|
|
|
expired, &thisUpdate, &validThrough);
|
2014-06-20 20:01:57 +04:00
|
|
|
// If a response was stapled and expired, we don't want to cache it. Return
|
|
|
|
// early to simplify the logic here.
|
|
|
|
if (responseSource == ResponseWasStapled && expired) {
|
2014-07-18 22:48:49 +04:00
|
|
|
PR_ASSERT(rv != Success);
|
2014-06-20 20:01:57 +04:00
|
|
|
return rv;
|
|
|
|
}
|
2014-04-29 03:38:15 +04:00
|
|
|
// validThrough is only trustworthy if the response successfully verifies
|
|
|
|
// or it indicates a revoked or unknown certificate.
|
|
|
|
// If this isn't the case, store an indication of failure (to prevent
|
|
|
|
// repeatedly requesting a response from a failing server).
|
2014-07-18 22:48:49 +04:00
|
|
|
if (rv != Success && rv != Result::ERROR_REVOKED_CERTIFICATE &&
|
|
|
|
rv != Result::ERROR_OCSP_UNKNOWN_CERT) {
|
2014-08-02 19:49:12 +04:00
|
|
|
validThrough = time;
|
|
|
|
if (validThrough.AddSeconds(ServerFailureDelaySeconds) != Success) {
|
|
|
|
return Result::FATAL_ERROR_LIBRARY_FAILURE; // integer overflow
|
|
|
|
}
|
2014-04-29 03:38:15 +04:00
|
|
|
}
|
|
|
|
if (responseSource == ResponseIsFromNetwork ||
|
2014-07-18 22:48:49 +04:00
|
|
|
rv == Success ||
|
|
|
|
rv == Result::ERROR_REVOKED_CERTIFICATE ||
|
|
|
|
rv == Result::ERROR_OCSP_UNKNOWN_CERT) {
|
2015-06-04 01:25:57 +03:00
|
|
|
MOZ_LOG(gCertVerifierLog, LogLevel::Debug,
|
2014-03-13 00:08:48 +04:00
|
|
|
("NSSCertDBTrustDomain: caching OCSP response"));
|
2014-07-18 22:48:49 +04:00
|
|
|
Result putRV = mOCSPCache.Put(certID, rv, thisUpdate, validThrough);
|
|
|
|
if (putRV != Success) {
|
|
|
|
return putRV;
|
2014-03-13 00:08:48 +04:00
|
|
|
}
|
2014-04-29 03:38:15 +04:00
|
|
|
}
|
|
|
|
|
2014-03-13 00:08:48 +04:00
|
|
|
return rv;
|
|
|
|
}
|
|
|
|
|
2015-04-08 03:29:05 +03:00
|
|
|
static const uint8_t CNNIC_ROOT_CA_SUBJECT_DATA[] =
|
|
|
|
"\x30\x32\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x4E\x31\x0E\x30"
|
|
|
|
"\x0C\x06\x03\x55\x04\x0A\x13\x05\x43\x4E\x4E\x49\x43\x31\x13\x30\x11\x06"
|
|
|
|
"\x03\x55\x04\x03\x13\x0A\x43\x4E\x4E\x49\x43\x20\x52\x4F\x4F\x54";
|
|
|
|
|
|
|
|
static const uint8_t CNNIC_EV_ROOT_CA_SUBJECT_DATA[] =
|
|
|
|
"\x30\x81\x8A\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x4E\x31\x32"
|
|
|
|
"\x30\x30\x06\x03\x55\x04\x0A\x0C\x29\x43\x68\x69\x6E\x61\x20\x49\x6E\x74"
|
|
|
|
"\x65\x72\x6E\x65\x74\x20\x4E\x65\x74\x77\x6F\x72\x6B\x20\x49\x6E\x66\x6F"
|
|
|
|
"\x72\x6D\x61\x74\x69\x6F\x6E\x20\x43\x65\x6E\x74\x65\x72\x31\x47\x30\x45"
|
|
|
|
"\x06\x03\x55\x04\x03\x0C\x3E\x43\x68\x69\x6E\x61\x20\x49\x6E\x74\x65\x72"
|
|
|
|
"\x6E\x65\x74\x20\x4E\x65\x74\x77\x6F\x72\x6B\x20\x49\x6E\x66\x6F\x72\x6D"
|
|
|
|
"\x61\x74\x69\x6F\x6E\x20\x43\x65\x6E\x74\x65\x72\x20\x45\x56\x20\x43\x65"
|
|
|
|
"\x72\x74\x69\x66\x69\x63\x61\x74\x65\x73\x20\x52\x6F\x6F\x74";
|
|
|
|
|
|
|
|
class WhitelistedCNNICHashBinarySearchComparator
|
|
|
|
{
|
|
|
|
public:
|
|
|
|
explicit WhitelistedCNNICHashBinarySearchComparator(const uint8_t* aTarget,
|
|
|
|
size_t aTargetLength)
|
|
|
|
: mTarget(aTarget)
|
|
|
|
{
|
|
|
|
MOZ_ASSERT(aTargetLength == CNNIC_WHITELIST_HASH_LEN,
|
|
|
|
"Hashes should be of the same length.");
|
|
|
|
}
|
|
|
|
|
|
|
|
int operator()(const WhitelistedCNNICHash val) const {
|
|
|
|
return memcmp(mTarget, val.hash, CNNIC_WHITELIST_HASH_LEN);
|
|
|
|
}
|
|
|
|
|
|
|
|
private:
|
|
|
|
const uint8_t* mTarget;
|
|
|
|
};
|
|
|
|
|
2014-07-18 22:48:49 +04:00
|
|
|
Result
|
2014-09-25 22:18:56 +04:00
|
|
|
NSSCertDBTrustDomain::IsChainValid(const DERArray& certArray, Time time)
|
2014-07-07 02:55:38 +04:00
|
|
|
{
|
2015-06-04 01:25:57 +03:00
|
|
|
MOZ_LOG(gCertVerifierLog, LogLevel::Debug,
|
2014-09-25 22:18:56 +04:00
|
|
|
("NSSCertDBTrustDomain: IsChainValid"));
|
2014-07-07 02:55:38 +04:00
|
|
|
|
|
|
|
ScopedCERTCertList certList;
|
2014-07-18 22:48:49 +04:00
|
|
|
SECStatus srv = ConstructCERTCertListFromReversedDERArray(certArray,
|
|
|
|
certList);
|
|
|
|
if (srv != SECSuccess) {
|
|
|
|
return MapPRErrorCodeToResult(PR_GetError());
|
2014-02-06 02:49:10 +04:00
|
|
|
}
|
2015-05-07 21:06:07 +03:00
|
|
|
if (CERT_LIST_EMPTY(certList)) {
|
|
|
|
return Result::FATAL_ERROR_LIBRARY_FAILURE;
|
|
|
|
}
|
2014-07-07 02:55:38 +04:00
|
|
|
|
2015-04-08 03:29:05 +03:00
|
|
|
// If the certificate appears to have been issued by a CNNIC root, only allow
|
|
|
|
// it if it is on the whitelist.
|
|
|
|
CERTCertListNode* rootNode = CERT_LIST_TAIL(certList);
|
|
|
|
if (!rootNode) {
|
|
|
|
return Result::FATAL_ERROR_LIBRARY_FAILURE;
|
|
|
|
}
|
|
|
|
CERTCertificate* root = rootNode->cert;
|
|
|
|
if (!root) {
|
|
|
|
return Result::FATAL_ERROR_LIBRARY_FAILURE;
|
|
|
|
}
|
|
|
|
if ((root->derSubject.len == sizeof(CNNIC_ROOT_CA_SUBJECT_DATA) - 1 &&
|
|
|
|
memcmp(root->derSubject.data, CNNIC_ROOT_CA_SUBJECT_DATA,
|
|
|
|
root->derSubject.len) == 0) ||
|
|
|
|
(root->derSubject.len == sizeof(CNNIC_EV_ROOT_CA_SUBJECT_DATA) - 1 &&
|
|
|
|
memcmp(root->derSubject.data, CNNIC_EV_ROOT_CA_SUBJECT_DATA,
|
|
|
|
root->derSubject.len) == 0)) {
|
|
|
|
CERTCertListNode* certNode = CERT_LIST_HEAD(certList);
|
|
|
|
if (!certNode) {
|
|
|
|
return Result::FATAL_ERROR_LIBRARY_FAILURE;
|
|
|
|
}
|
|
|
|
CERTCertificate* cert = certNode->cert;
|
|
|
|
if (!cert) {
|
|
|
|
return Result::FATAL_ERROR_LIBRARY_FAILURE;
|
|
|
|
}
|
|
|
|
Digest digest;
|
|
|
|
nsresult nsrv = digest.DigestBuf(SEC_OID_SHA256, cert->derCert.data,
|
|
|
|
cert->derCert.len);
|
|
|
|
if (NS_FAILED(nsrv)) {
|
|
|
|
return Result::FATAL_ERROR_LIBRARY_FAILURE;
|
|
|
|
}
|
|
|
|
const uint8_t* certHash(
|
|
|
|
reinterpret_cast<const uint8_t*>(digest.get().data));
|
|
|
|
size_t certHashLen = digest.get().len;
|
|
|
|
size_t unused;
|
|
|
|
if (!mozilla::BinarySearchIf(WhitelistedCNNICHashes, 0,
|
|
|
|
ArrayLength(WhitelistedCNNICHashes),
|
|
|
|
WhitelistedCNNICHashBinarySearchComparator(
|
|
|
|
certHash, certHashLen),
|
|
|
|
&unused)) {
|
|
|
|
return Result::ERROR_REVOKED_CERTIFICATE;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-05-07 21:06:07 +03:00
|
|
|
bool isBuiltInRoot = false;
|
2016-03-05 04:06:33 +03:00
|
|
|
Result rv = IsCertBuiltInRoot(root, isBuiltInRoot);
|
|
|
|
if (rv != Success) {
|
|
|
|
return rv;
|
2015-05-07 21:06:07 +03:00
|
|
|
}
|
|
|
|
bool skipPinningChecksBecauseOfMITMMode =
|
|
|
|
(!isBuiltInRoot && mPinningMode == CertVerifier::pinningAllowUserCAMITM);
|
|
|
|
// If mHostname isn't set, we're not verifying in the context of a TLS
|
|
|
|
// handshake, so don't verify HPKP in those cases.
|
|
|
|
if (mHostname && (mPinningMode != CertVerifier::pinningDisabled) &&
|
|
|
|
!skipPinningChecksBecauseOfMITMMode) {
|
|
|
|
bool enforceTestMode =
|
|
|
|
(mPinningMode == CertVerifier::pinningEnforceTestMode);
|
|
|
|
bool chainHasValidPins;
|
|
|
|
nsresult nsrv = PublicKeyPinningService::ChainHasValidPins(
|
2015-08-21 17:14:08 +03:00
|
|
|
certList, mHostname, time, enforceTestMode, chainHasValidPins,
|
|
|
|
mPinningTelemetryInfo);
|
2015-05-07 21:06:07 +03:00
|
|
|
if (NS_FAILED(nsrv)) {
|
|
|
|
return Result::FATAL_ERROR_LIBRARY_FAILURE;
|
|
|
|
}
|
|
|
|
if (!chainHasValidPins) {
|
|
|
|
return Result::ERROR_KEY_PINNING_FAILURE;
|
|
|
|
}
|
2014-02-06 02:49:10 +04:00
|
|
|
}
|
2014-07-07 02:55:38 +04:00
|
|
|
|
2016-01-13 23:50:42 +03:00
|
|
|
mBuiltChain = certList.forget();
|
2014-07-07 02:55:38 +04:00
|
|
|
|
2014-07-18 22:48:49 +04:00
|
|
|
return Success;
|
2014-02-06 02:49:10 +04:00
|
|
|
}
|
|
|
|
|
2015-02-15 03:59:02 +03:00
|
|
|
Result
|
2015-07-09 09:22:29 +03:00
|
|
|
NSSCertDBTrustDomain::CheckSignatureDigestAlgorithm(DigestAlgorithm aAlg,
|
2015-09-11 21:52:30 +03:00
|
|
|
EndEntityOrCA endEntityOrCA,
|
|
|
|
Time notBefore)
|
2015-02-15 03:59:02 +03:00
|
|
|
{
|
2015-09-11 21:52:30 +03:00
|
|
|
// (new Date("2016-01-01T00:00:00Z")).getTime() / 1000
|
|
|
|
static const Time JANUARY_FIRST_2016 = TimeFromEpochInSeconds(1451606400);
|
|
|
|
|
2015-07-09 09:22:29 +03:00
|
|
|
MOZ_LOG(gCertVerifierLog, LogLevel::Debug,
|
|
|
|
("NSSCertDBTrustDomain: CheckSignatureDigestAlgorithm"));
|
|
|
|
if (aAlg == DigestAlgorithm::sha1) {
|
2015-09-11 21:52:30 +03:00
|
|
|
switch (mSHA1Mode) {
|
|
|
|
case CertVerifier::SHA1Mode::Forbidden:
|
|
|
|
MOZ_LOG(gCertVerifierLog, LogLevel::Debug, ("SHA-1 certificate rejected"));
|
|
|
|
return Result::ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED;
|
2016-01-13 23:50:42 +03:00
|
|
|
case CertVerifier::SHA1Mode::Before2016:
|
2015-09-11 21:52:30 +03:00
|
|
|
if (JANUARY_FIRST_2016 <= notBefore) {
|
|
|
|
MOZ_LOG(gCertVerifierLog, LogLevel::Debug, ("Post-2015 SHA-1 certificate rejected"));
|
|
|
|
return Result::ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED;
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
case CertVerifier::SHA1Mode::Allowed:
|
2016-01-13 23:50:42 +03:00
|
|
|
// Enforcing that the resulting chain uses an imported root is only
|
|
|
|
// possible at a higher level. This is done in CertVerifier::VerifyCert.
|
|
|
|
case CertVerifier::SHA1Mode::ImportedRoot:
|
2015-09-11 21:52:30 +03:00
|
|
|
default:
|
|
|
|
break;
|
|
|
|
}
|
2015-07-09 09:22:29 +03:00
|
|
|
}
|
2016-01-13 23:50:42 +03:00
|
|
|
|
2015-02-15 03:59:02 +03:00
|
|
|
return Success;
|
|
|
|
}
|
|
|
|
|
2014-07-18 22:48:49 +04:00
|
|
|
Result
|
2015-02-03 03:17:08 +03:00
|
|
|
NSSCertDBTrustDomain::CheckRSAPublicKeyModulusSizeInBits(
|
|
|
|
EndEntityOrCA /*endEntityOrCA*/, unsigned int modulusSizeInBits)
|
2014-07-16 03:49:00 +04:00
|
|
|
{
|
2015-03-05 18:41:00 +03:00
|
|
|
if (modulusSizeInBits < mMinRSABits) {
|
2015-02-03 03:17:08 +03:00
|
|
|
return Result::ERROR_INADEQUATE_KEY_SIZE;
|
|
|
|
}
|
|
|
|
return Success;
|
|
|
|
}
|
|
|
|
|
2015-02-07 23:14:31 +03:00
|
|
|
Result
|
|
|
|
NSSCertDBTrustDomain::VerifyRSAPKCS1SignedDigest(
|
|
|
|
const SignedDigest& signedDigest,
|
|
|
|
Input subjectPublicKeyInfo)
|
|
|
|
{
|
|
|
|
return VerifyRSAPKCS1SignedDigestNSS(signedDigest, subjectPublicKeyInfo,
|
|
|
|
mPinArg);
|
|
|
|
}
|
|
|
|
|
2015-02-03 03:17:08 +03:00
|
|
|
Result
|
|
|
|
NSSCertDBTrustDomain::CheckECDSACurveIsAcceptable(
|
|
|
|
EndEntityOrCA /*endEntityOrCA*/, NamedCurve curve)
|
|
|
|
{
|
|
|
|
switch (curve) {
|
|
|
|
case NamedCurve::secp256r1: // fall through
|
|
|
|
case NamedCurve::secp384r1: // fall through
|
|
|
|
case NamedCurve::secp521r1:
|
|
|
|
return Success;
|
|
|
|
}
|
|
|
|
|
|
|
|
return Result::ERROR_UNSUPPORTED_ELLIPTIC_CURVE;
|
2014-07-16 03:49:00 +04:00
|
|
|
}
|
|
|
|
|
2015-02-07 23:14:31 +03:00
|
|
|
Result
|
|
|
|
NSSCertDBTrustDomain::VerifyECDSASignedDigest(const SignedDigest& signedDigest,
|
|
|
|
Input subjectPublicKeyInfo)
|
|
|
|
{
|
|
|
|
return VerifyECDSASignedDigestNSS(signedDigest, subjectPublicKeyInfo,
|
|
|
|
mPinArg);
|
|
|
|
}
|
|
|
|
|
2015-06-29 23:19:00 +03:00
|
|
|
Result
|
|
|
|
NSSCertDBTrustDomain::CheckValidityIsAcceptable(Time notBefore, Time notAfter,
|
|
|
|
EndEntityOrCA endEntityOrCA,
|
|
|
|
KeyPurposeId keyPurpose)
|
|
|
|
{
|
|
|
|
if (endEntityOrCA != EndEntityOrCA::MustBeEndEntity) {
|
|
|
|
return Success;
|
|
|
|
}
|
|
|
|
if (keyPurpose == KeyPurposeId::id_kp_OCSPSigning) {
|
|
|
|
return Success;
|
|
|
|
}
|
|
|
|
|
2015-11-13 09:42:00 +03:00
|
|
|
Duration DURATION_27_MONTHS_PLUS_SLOP((2 * 365 + 3 * 31 + 7) *
|
|
|
|
Time::ONE_DAY_IN_SECONDS);
|
2015-06-29 23:19:00 +03:00
|
|
|
Duration maxValidityDuration(UINT64_MAX);
|
|
|
|
Duration validityDuration(notBefore, notAfter);
|
|
|
|
|
|
|
|
switch (mValidityCheckingMode) {
|
|
|
|
case ValidityCheckingMode::CheckingOff:
|
|
|
|
return Success;
|
|
|
|
case ValidityCheckingMode::CheckForEV:
|
2015-11-13 09:42:00 +03:00
|
|
|
// The EV Guidelines say the maximum is 27 months, but we use a slightly
|
|
|
|
// higher limit here to (hopefully) minimize compatibility breakage.
|
|
|
|
maxValidityDuration = DURATION_27_MONTHS_PLUS_SLOP;
|
2015-06-29 23:19:00 +03:00
|
|
|
break;
|
|
|
|
default:
|
|
|
|
PR_NOT_REACHED("We're not handling every ValidityCheckingMode type");
|
|
|
|
}
|
|
|
|
|
|
|
|
if (validityDuration > maxValidityDuration) {
|
|
|
|
return Result::ERROR_VALIDITY_TOO_LONG;
|
|
|
|
}
|
|
|
|
|
|
|
|
return Success;
|
|
|
|
}
|
|
|
|
|
2014-02-10 23:41:12 +04:00
|
|
|
namespace {
|
|
|
|
|
2014-01-21 10:10:33 +04:00
|
|
|
static char*
|
|
|
|
nss_addEscape(const char* string, char quote)
|
|
|
|
{
|
2013-09-20 00:39:36 +04:00
|
|
|
char* newString = 0;
|
2014-05-15 04:46:32 +04:00
|
|
|
size_t escapes = 0, size = 0;
|
2013-09-20 00:39:36 +04:00
|
|
|
const char* src;
|
|
|
|
char* dest;
|
|
|
|
|
|
|
|
for (src = string; *src; src++) {
|
|
|
|
if ((*src == quote) || (*src == '\\')) {
|
|
|
|
escapes++;
|
|
|
|
}
|
|
|
|
size++;
|
|
|
|
}
|
2014-01-21 10:10:33 +04:00
|
|
|
|
2014-05-15 04:46:32 +04:00
|
|
|
newString = (char*) PORT_ZAlloc(escapes + size + 1u);
|
2013-09-20 00:39:36 +04:00
|
|
|
if (!newString) {
|
|
|
|
return nullptr;
|
|
|
|
}
|
2014-01-21 10:10:33 +04:00
|
|
|
|
2013-09-20 00:39:36 +04:00
|
|
|
for (src = string, dest = newString; *src; src++, dest++) {
|
|
|
|
if ((*src == quote) || (*src == '\\')) {
|
|
|
|
*dest++ = '\\';
|
2014-01-21 10:10:33 +04:00
|
|
|
}
|
2013-09-20 00:39:36 +04:00
|
|
|
*dest = *src;
|
|
|
|
}
|
2014-01-21 10:10:33 +04:00
|
|
|
|
2013-09-20 00:39:36 +04:00
|
|
|
return newString;
|
2014-01-21 10:10:33 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
} // unnamed namespace
|
|
|
|
|
|
|
|
SECStatus
|
2015-10-30 20:37:22 +03:00
|
|
|
InitializeNSS(const char* dir, bool readOnly, bool loadPKCS11Modules)
|
2014-01-21 10:10:33 +04:00
|
|
|
{
|
|
|
|
// The NSS_INIT_NOROOTINIT flag turns off the loading of the root certs
|
|
|
|
// module by NSS_Initialize because we will load it in InstallLoadableRoots
|
|
|
|
// later. It also allows us to work around a bug in the system NSS in
|
|
|
|
// Ubuntu 8.04, which loads any nonexistent "<configdir>/libnssckbi.so" as
|
|
|
|
// "/usr/lib/nss/libnssckbi.so".
|
|
|
|
uint32_t flags = NSS_INIT_NOROOTINIT | NSS_INIT_OPTIMIZESPACE;
|
|
|
|
if (readOnly) {
|
|
|
|
flags |= NSS_INIT_READONLY;
|
|
|
|
}
|
2015-10-30 20:37:22 +03:00
|
|
|
if (!loadPKCS11Modules) {
|
|
|
|
flags |= NSS_INIT_NOMODDB;
|
|
|
|
}
|
2014-01-21 10:10:33 +04:00
|
|
|
return ::NSS_Initialize(dir, "", "", SECMOD_DB, flags);
|
|
|
|
}
|
|
|
|
|
2014-01-20 13:30:25 +04:00
|
|
|
void
|
|
|
|
DisableMD5()
|
|
|
|
{
|
|
|
|
NSS_SetAlgorithmPolicy(SEC_OID_MD5,
|
|
|
|
0, NSS_USE_ALG_IN_CERT_SIGNATURE | NSS_USE_ALG_IN_CMS_SIGNATURE);
|
|
|
|
NSS_SetAlgorithmPolicy(SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION,
|
|
|
|
0, NSS_USE_ALG_IN_CERT_SIGNATURE | NSS_USE_ALG_IN_CMS_SIGNATURE);
|
|
|
|
NSS_SetAlgorithmPolicy(SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC,
|
|
|
|
0, NSS_USE_ALG_IN_CERT_SIGNATURE | NSS_USE_ALG_IN_CMS_SIGNATURE);
|
|
|
|
}
|
|
|
|
|
2014-01-21 10:10:33 +04:00
|
|
|
SECStatus
|
|
|
|
LoadLoadableRoots(/*optional*/ const char* dir, const char* modNameUTF8)
|
|
|
|
{
|
|
|
|
PR_ASSERT(modNameUTF8);
|
|
|
|
|
|
|
|
if (!modNameUTF8) {
|
|
|
|
PR_SetError(SEC_ERROR_INVALID_ARGS, 0);
|
|
|
|
return SECFailure;
|
|
|
|
}
|
|
|
|
|
2015-04-13 08:57:48 +03:00
|
|
|
UniquePtr<char, void(&)(char*)>
|
|
|
|
fullLibraryPath(PR_GetLibraryName(dir, "nssckbi"), PR_FreeLibraryName);
|
2014-01-21 10:10:33 +04:00
|
|
|
if (!fullLibraryPath) {
|
|
|
|
return SECFailure;
|
|
|
|
}
|
|
|
|
|
2015-04-13 08:57:48 +03:00
|
|
|
UniquePtr<char, void(&)(void*)>
|
|
|
|
escaped_fullLibraryPath(nss_addEscape(fullLibraryPath.get(), '\"'),
|
|
|
|
PORT_Free);
|
2014-01-21 10:10:33 +04:00
|
|
|
if (!escaped_fullLibraryPath) {
|
|
|
|
return SECFailure;
|
|
|
|
}
|
|
|
|
|
|
|
|
// If a module exists with the same name, delete it.
|
|
|
|
int modType;
|
|
|
|
SECMOD_DeleteModule(modNameUTF8, &modType);
|
|
|
|
|
2015-04-13 08:57:48 +03:00
|
|
|
UniquePtr<char, void(&)(char*)>
|
|
|
|
pkcs11ModuleSpec(PR_smprintf("name=\"%s\" library=\"%s\"", modNameUTF8,
|
|
|
|
escaped_fullLibraryPath.get()),
|
|
|
|
PR_smprintf_free);
|
2014-01-21 10:10:33 +04:00
|
|
|
if (!pkcs11ModuleSpec) {
|
|
|
|
return SECFailure;
|
|
|
|
}
|
|
|
|
|
2016-02-18 17:01:39 +03:00
|
|
|
UniqueSECMODModule rootsModule(SECMOD_LoadUserModule(pkcs11ModuleSpec.get(),
|
2014-01-21 10:10:33 +04:00
|
|
|
nullptr, false));
|
|
|
|
if (!rootsModule) {
|
|
|
|
return SECFailure;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!rootsModule->loaded) {
|
|
|
|
PR_SetError(PR_INVALID_STATE_ERROR, 0);
|
|
|
|
return SECFailure;
|
|
|
|
}
|
|
|
|
|
|
|
|
return SECSuccess;
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
UnloadLoadableRoots(const char* modNameUTF8)
|
|
|
|
{
|
|
|
|
PR_ASSERT(modNameUTF8);
|
2016-02-18 17:01:39 +03:00
|
|
|
UniqueSECMODModule rootsModule(SECMOD_FindModule(modNameUTF8));
|
2014-01-21 10:10:33 +04:00
|
|
|
|
|
|
|
if (rootsModule) {
|
|
|
|
SECMOD_UnloadUserModule(rootsModule.get());
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2013-07-09 03:30:59 +04:00
|
|
|
char*
|
|
|
|
DefaultServerNicknameForCert(CERTCertificate* cert)
|
|
|
|
{
|
|
|
|
char* nickname = nullptr;
|
|
|
|
int count;
|
|
|
|
bool conflict;
|
|
|
|
char* servername = nullptr;
|
|
|
|
|
|
|
|
servername = CERT_GetCommonName(&cert->subject);
|
|
|
|
if (!servername) {
|
|
|
|
// Certs without common names are strange, but they do exist...
|
|
|
|
// Let's try to use another string for the nickname
|
|
|
|
servername = CERT_GetOrgUnitName(&cert->subject);
|
|
|
|
if (!servername) {
|
|
|
|
servername = CERT_GetOrgName(&cert->subject);
|
|
|
|
if (!servername) {
|
|
|
|
servername = CERT_GetLocalityName(&cert->subject);
|
|
|
|
if (!servername) {
|
|
|
|
servername = CERT_GetStateName(&cert->subject);
|
|
|
|
if (!servername) {
|
|
|
|
servername = CERT_GetCountryName(&cert->subject);
|
|
|
|
if (!servername) {
|
|
|
|
// We tried hard, there is nothing more we can do.
|
|
|
|
// A cert without any names doesn't really make sense.
|
|
|
|
return nullptr;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
count = 1;
|
|
|
|
while (1) {
|
|
|
|
if (count == 1) {
|
|
|
|
nickname = PR_smprintf("%s", servername);
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
nickname = PR_smprintf("%s #%d", servername, count);
|
|
|
|
}
|
|
|
|
if (!nickname) {
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
conflict = SEC_CertNicknameConflict(nickname, &cert->derSubject,
|
|
|
|
cert->dbhandle);
|
|
|
|
if (!conflict) {
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
PR_Free(nickname);
|
|
|
|
count++;
|
|
|
|
}
|
|
|
|
PR_FREEIF(servername);
|
|
|
|
return nickname;
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
2014-07-07 02:55:38 +04:00
|
|
|
SaveIntermediateCerts(const ScopedCERTCertList& certList)
|
2013-07-09 03:30:59 +04:00
|
|
|
{
|
|
|
|
if (!certList) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
bool isEndEntity = true;
|
|
|
|
for (CERTCertListNode* node = CERT_LIST_HEAD(certList);
|
|
|
|
!CERT_LIST_END(node, certList);
|
|
|
|
node = CERT_LIST_NEXT(node)) {
|
|
|
|
if (isEndEntity) {
|
|
|
|
// Skip the end-entity; we only want to store intermediates
|
|
|
|
isEndEntity = false;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (node->cert->slot) {
|
|
|
|
// This cert was found on a token, no need to remember it in the temp db.
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (node->cert->isperm) {
|
|
|
|
// We don't need to remember certs already stored in perm db.
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
// We have found a signer cert that we want to remember.
|
|
|
|
char* nickname = DefaultServerNicknameForCert(node->cert);
|
|
|
|
if (nickname && *nickname) {
|
2015-04-13 08:57:48 +03:00
|
|
|
ScopedPK11SlotInfo slot(PK11_GetInternalKeySlot());
|
2013-07-09 03:30:59 +04:00
|
|
|
if (slot) {
|
|
|
|
PK11_ImportCert(slot.get(), node->cert, CK_INVALID_HANDLE,
|
|
|
|
nickname, false);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
PR_FREEIF(nickname);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-01-21 10:10:33 +04:00
|
|
|
} } // namespace mozilla::psm
|