mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 1153444 - Fix up Key Pinning Telemetry (r=keeler)

This commit is contained in:
Mark Goodwin 2015-08-21 15:14:08 +01:00
Родитель 991ab71c34
Коммит f2b116c0d6
10 изменённых файлов: 111 добавлений и 42 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

41
security/certverifier/CertVerifier.cpp
Просмотреть файл

@ -124,7 +124,8 @@ CertVerifier::VerifyCert(CERTCertificate* cert, SECCertificateUsage usage,
/*optional out*/ SECOidTag* evOidPolicy,
/*optional out*/ OCSPStaplingStatus* ocspStaplingStatus,
/*optional out*/ KeySizeStatus* keySizeStatus,
/*optional out*/ SignatureDigestStatus* sigDigestStatus)
/*optional out*/ SignatureDigestStatus* sigDigestStatus,
/*optional out*/ PinningTelemetryInfo* pinningTelemetryInfo)
{
MOZ_LOG(gCertVerifierLog, LogLevel::Debug, ("Top of VerifyCert\n"));
@ -212,7 +213,7 @@ CertVerifier::VerifyCert(CERTCertificate* cert, SECCertificateUsage usage,
mCertShortLifetimeInDays,
pinningDisabled, MIN_RSA_BITS_WEAK,
ValidityCheckingMode::CheckingOff,
AcceptAllAlgorithms, nullptr,
AcceptAllAlgorithms, nullptr, nullptr,
builtChain);
rv = BuildCertChain(trustDomain, certDER, time,
EndEntityOrCA::MustBeEndEntity,
@ -262,12 +263,18 @@ CertVerifier::VerifyCert(CERTCertificate* cert, SECCertificateUsage usage,
for (size_t i=0;
i < digestAlgorithmOptionsCount && rv != Success && srv == SECSuccess;
i++) {
// Because of the try-strict and fallback approach, we have to clear any
// previously noted telemetry information
if (pinningTelemetryInfo) {
pinningTelemetryInfo->Reset();
}
NSSCertDBTrustDomain
trustDomain(trustSSL, evOCSPFetching,
mOCSPCache, pinArg, ocspGETConfig,
mCertShortLifetimeInDays, mPinningMode, MIN_RSA_BITS,
ValidityCheckingMode::CheckForEV,
digestAlgorithmOptions[i], hostname, builtChain);
digestAlgorithmOptions[i], pinningTelemetryInfo, hostname,
builtChain);
rv = BuildCertChainForOneKeyUsage(trustDomain, certDER, time,
KeyUsage::digitalSignature,// (EC)DHE
KeyUsage::keyEncipherment, // RSA
@ -315,12 +322,19 @@ CertVerifier::VerifyCert(CERTCertificate* cert, SECCertificateUsage usage,
for (size_t i=0; i<keySizeOptionsCount && rv != Success; i++) {
for (size_t j=0; j<digestAlgorithmOptionsCount && rv != Success; j++) {
// invalidate any telemetry info relating to failed chains
if (pinningTelemetryInfo) {
pinningTelemetryInfo->Reset();
}
NSSCertDBTrustDomain trustDomain(trustSSL, defaultOCSPFetching,
mOCSPCache, pinArg, ocspGETConfig,
mCertShortLifetimeInDays,
mPinningMode, keySizeOptions[i],
ValidityCheckingMode::CheckingOff,
digestAlgorithmOptions[j],
pinningTelemetryInfo,
hostname, builtChain);
rv = BuildCertChainForOneKeyUsage(trustDomain, certDER, time,
KeyUsage::digitalSignature,//(EC)DHE
@ -361,7 +375,7 @@ CertVerifier::VerifyCert(CERTCertificate* cert, SECCertificateUsage usage,
mCertShortLifetimeInDays,
pinningDisabled, MIN_RSA_BITS_WEAK,
ValidityCheckingMode::CheckingOff,
AcceptAllAlgorithms, nullptr,
AcceptAllAlgorithms, nullptr, nullptr,
builtChain);
rv = BuildCertChain(trustDomain, certDER, time,
EndEntityOrCA::MustBeCA, KeyUsage::keyCertSign,
@ -376,7 +390,7 @@ CertVerifier::VerifyCert(CERTCertificate* cert, SECCertificateUsage usage,
mCertShortLifetimeInDays,
pinningDisabled, MIN_RSA_BITS_WEAK,
ValidityCheckingMode::CheckingOff,
AcceptAllAlgorithms, nullptr,
AcceptAllAlgorithms, nullptr, nullptr,
builtChain);
rv = BuildCertChain(trustDomain, certDER, time,
EndEntityOrCA::MustBeEndEntity,
@ -402,7 +416,7 @@ CertVerifier::VerifyCert(CERTCertificate* cert, SECCertificateUsage usage,
mCertShortLifetimeInDays,
pinningDisabled, MIN_RSA_BITS_WEAK,
ValidityCheckingMode::CheckingOff,
AcceptAllAlgorithms, nullptr,
AcceptAllAlgorithms, nullptr, nullptr,
builtChain);
rv = BuildCertChain(trustDomain, certDER, time,
EndEntityOrCA::MustBeEndEntity,
@ -425,7 +439,7 @@ CertVerifier::VerifyCert(CERTCertificate* cert, SECCertificateUsage usage,
mCertShortLifetimeInDays,
pinningDisabled, MIN_RSA_BITS_WEAK,
ValidityCheckingMode::CheckingOff,
AcceptAllAlgorithms, nullptr,
AcceptAllAlgorithms, nullptr, nullptr,
builtChain);
rv = BuildCertChain(trustDomain, certDER, time,
EndEntityOrCA::MustBeEndEntity,
@ -457,7 +471,8 @@ CertVerifier::VerifyCert(CERTCertificate* cert, SECCertificateUsage usage,
pinArg, ocspGETConfig, mCertShortLifetimeInDays,
pinningDisabled, MIN_RSA_BITS_WEAK,
ValidityCheckingMode::CheckingOff,
AcceptAllAlgorithms, nullptr, builtChain);
AcceptAllAlgorithms, nullptr, nullptr,
builtChain);
rv = BuildCertChain(sslTrust, certDER, time, endEntityOrCA,
keyUsage, eku, CertPolicyId::anyPolicy,
stapledOCSPResponse);
@ -467,7 +482,7 @@ CertVerifier::VerifyCert(CERTCertificate* cert, SECCertificateUsage usage,
mCertShortLifetimeInDays,
pinningDisabled, MIN_RSA_BITS_WEAK,
ValidityCheckingMode::CheckingOff,
AcceptAllAlgorithms, nullptr,
AcceptAllAlgorithms, nullptr, nullptr,
builtChain);
rv = BuildCertChain(emailTrust, certDER, time, endEntityOrCA,
keyUsage, eku, CertPolicyId::anyPolicy,
@ -481,7 +496,7 @@ CertVerifier::VerifyCert(CERTCertificate* cert, SECCertificateUsage usage,
MIN_RSA_BITS_WEAK,
ValidityCheckingMode::CheckingOff,
AcceptAllAlgorithms,
nullptr, builtChain);
nullptr, nullptr, builtChain);
rv = BuildCertChain(objectSigningTrust, certDER, time,
endEntityOrCA, keyUsage, eku,
CertPolicyId::anyPolicy, stapledOCSPResponse);
@ -515,7 +530,8 @@ CertVerifier::VerifySSLServerCert(CERTCertificate* peerCert,
/*optional out*/ SECOidTag* evOidPolicy,
/*optional out*/ OCSPStaplingStatus* ocspStaplingStatus,
/*optional out*/ KeySizeStatus* keySizeStatus,
/*optional out*/ SignatureDigestStatus* sigDigestStatus)
/*optional out*/ SignatureDigestStatus* sigDigestStatus,
/*optional out*/ PinningTelemetryInfo* pinningTelemetryInfo)
{
PR_ASSERT(peerCert);
// XXX: PR_ASSERT(pinarg)
@ -540,7 +556,8 @@ CertVerifier::VerifySSLServerCert(CERTCertificate* peerCert,
SECStatus rv = VerifyCert(peerCert, certificateUsageSSLServer, time, pinarg,
hostname, flags, stapledOCSPResponse,
&builtChainTemp, evOidPolicy, ocspStaplingStatus,
keySizeStatus, sigDigestStatus);
keySizeStatus, sigDigestStatus,
pinningTelemetryInfo);
if (rv != SECSuccess) {
return rv;
}

21
security/certverifier/CertVerifier.h
Просмотреть файл

@ -7,6 +7,7 @@
#ifndef mozilla_psm__CertVerifier_h
#define mozilla_psm__CertVerifier_h
#include "mozilla/Telemetry.h"
#include "pkix/pkixtypes.h"
#include "OCSPCache.h"
#include "ScopedNSSTypes.h"
@ -31,6 +32,20 @@ enum class SignatureDigestStatus {
AlreadyBad = 5,
};
class PinningTelemetryInfo
{
public:
// Should we accumulate pinning telemetry for the result?
bool accumulateResult;
Telemetry::ID certPinningResultHistogram;
int32_t certPinningResultBucket;
// Should we accumulate telemetry for the root?
bool accumulateForRoot;
int32_t rootBucket;
void Reset() { accumulateForRoot = false; accumulateResult = false; }
};
class CertVerifier
{
public:
@ -62,7 +77,8 @@ public:
/*optional out*/ SECOidTag* evOidPolicy = nullptr,
/*optional out*/ OCSPStaplingStatus* ocspStaplingStatus = nullptr,
/*optional out*/ KeySizeStatus* keySizeStatus = nullptr,
/*optional out*/ SignatureDigestStatus* sigDigestStatus = nullptr);
/*optional out*/ SignatureDigestStatus* sigDigestStatus = nullptr,
/*optional out*/ PinningTelemetryInfo* pinningTelemetryInfo = nullptr);
SECStatus VerifySSLServerCert(
CERTCertificate* peerCert,
@ -76,7 +92,8 @@ public:
/*optional out*/ SECOidTag* evOidPolicy = nullptr,
/*optional out*/ OCSPStaplingStatus* ocspStaplingStatus = nullptr,
/*optional out*/ KeySizeStatus* keySizeStatus = nullptr,
/*optional out*/ SignatureDigestStatus* sigDigestStatus = nullptr);
/*optional out*/ SignatureDigestStatus* sigDigestStatus = nullptr,
/*optional out*/ PinningTelemetryInfo* pinningTelemetryInfo = nullptr);
enum PinningMode {
pinningDisabled = 0,

5
security/certverifier/NSSCertDBTrustDomain.cpp
Просмотреть файл

@ -51,6 +51,7 @@ NSSCertDBTrustDomain::NSSCertDBTrustDomain(SECTrustType certDBTrustType,
unsigned int minRSABits,
ValidityCheckingMode validityCheckingMode,
SignatureDigestOption signatureDigestOption,
/*optional*/ PinningTelemetryInfo* pinningTelemetryInfo,
/*optional*/ const char* hostname,
/*optional*/ ScopedCERTCertList* builtChain)
: mCertDBTrustType(certDBTrustType)
@ -63,6 +64,7 @@ NSSCertDBTrustDomain::NSSCertDBTrustDomain(SECTrustType certDBTrustType,
, mMinRSABits(minRSABits)
, mValidityCheckingMode(validityCheckingMode)
, mSignatureDigestOption(signatureDigestOption)
, mPinningTelemetryInfo(pinningTelemetryInfo)
, mHostname(hostname)
, mBuiltChain(builtChain)
, mCertBlocklist(do_GetService(NS_CERTBLOCKLIST_CONTRACTID))
@ -792,7 +794,8 @@ NSSCertDBTrustDomain::IsChainValid(const DERArray& certArray, Time time)
(mPinningMode == CertVerifier::pinningEnforceTestMode);
bool chainHasValidPins;
nsresult nsrv = PublicKeyPinningService::ChainHasValidPins(
certList, mHostname, time, enforceTestMode, chainHasValidPins);
certList, mHostname, time, enforceTestMode, chainHasValidPins,
mPinningTelemetryInfo);
if (NS_FAILED(nsrv)) {
return Result::FATAL_ERROR_LIBRARY_FAILURE;
}

2
security/certverifier/NSSCertDBTrustDomain.h
Просмотреть файл

@ -70,6 +70,7 @@ public:
unsigned int minRSABits,
ValidityCheckingMode validityCheckingMode,
SignatureDigestOption,
/*optional*/ PinningTelemetryInfo* pinningTelemetryInfo = nullptr,
/*optional*/ const char* hostname = nullptr,
/*optional out*/ ScopedCERTCertList* builtChain = nullptr);
@ -154,6 +155,7 @@ private:
const unsigned int mMinRSABits;
ValidityCheckingMode mValidityCheckingMode;
SignatureDigestOption mSignatureDigestOption;
PinningTelemetryInfo* mPinningTelemetryInfo;
const char* mHostname; // non-owning - only used for pinning checks
ScopedCERTCertList* mBuiltChain; // non-owning
nsCOMPtr<nsICertBlocklist> mCertBlocklist;

39
security/manager/ssl/PublicKeyPinningService.cpp
Просмотреть файл

@ -271,7 +271,8 @@ FindPinningInformation(const char* hostname, mozilla::pkix::Time time,
static nsresult
CheckPinsForHostname(const CERTCertList* certList, const char* hostname,
bool enforceTestMode, mozilla::pkix::Time time,
/*out*/ bool& chainHasValidPins)
/*out*/ bool& chainHasValidPins,
/*optional out*/ PinningTelemetryInfo* pinningTelemetryInfo)
{
chainHasValidPins = false;
if (!certList) {
@ -316,22 +317,32 @@ CheckPinsForHostname(const CERTCertList* certList, const char* hostname,
}
// We can collect per-host pinning violations for this host because it is
// operationally critical to Firefox.
if (staticFingerprints->mId != kUnknownId) {
int32_t bucket = staticFingerprints->mId * 2 + (enforceTestModeResult ? 1 : 0);
histogram = staticFingerprints->mTestMode
? Telemetry::CERT_PINNING_MOZ_TEST_RESULTS_BY_HOST
: Telemetry::CERT_PINNING_MOZ_RESULTS_BY_HOST;
Telemetry::Accumulate(histogram, bucket);
} else {
Telemetry::Accumulate(histogram, enforceTestModeResult ? 1 : 0);
if (pinningTelemetryInfo) {
if (staticFingerprints->mId != kUnknownId) {
int32_t bucket = staticFingerprints->mId * 2
+ (enforceTestModeResult ? 1 : 0);
histogram = staticFingerprints->mTestMode
? Telemetry::CERT_PINNING_MOZ_TEST_RESULTS_BY_HOST
: Telemetry::CERT_PINNING_MOZ_RESULTS_BY_HOST;
pinningTelemetryInfo->certPinningResultBucket = bucket;
} else {
pinningTelemetryInfo->certPinningResultBucket =
enforceTestModeResult ? 1 : 0;
}
pinningTelemetryInfo->accumulateResult = true;
pinningTelemetryInfo->certPinningResultHistogram = histogram;
}
// We only collect per-CA pinning statistics upon failures.
CERTCertListNode* rootNode = CERT_LIST_TAIL(certList);
// Only log telemetry if the certificate list is non-empty.
if (!CERT_LIST_END(rootNode, certList)) {
if (!enforceTestModeResult) {
AccumulateTelemetryForRootCA(Telemetry::CERT_PINNING_FAILURES_BY_CA, rootNode->cert);
if (!enforceTestModeResult && pinningTelemetryInfo) {
int32_t binNumber = RootCABinNumber(&rootNode->cert->derCert);
if (binNumber != ROOT_CERTIFICATE_UNKNOWN ) {
pinningTelemetryInfo->accumulateForRoot = true;
pinningTelemetryInfo->rootBucket = binNumber;
}
}
}
@ -350,7 +361,8 @@ PublicKeyPinningService::ChainHasValidPins(const CERTCertList* certList,
const char* hostname,
mozilla::pkix::Time time,
bool enforceTestMode,
/*out*/ bool& chainHasValidPins)
/*out*/ bool& chainHasValidPins,
/*optional out*/ PinningTelemetryInfo* pinningTelemetryInfo)
{
chainHasValidPins = false;
if (!certList) {
@ -361,7 +373,8 @@ PublicKeyPinningService::ChainHasValidPins(const CERTCertList* certList,
}
nsAutoCString canonicalizedHostname(CanonicalizeHostname(hostname));
return CheckPinsForHostname(certList, canonicalizedHostname.get(),
enforceTestMode, time, chainHasValidPins);
enforceTestMode, time, chainHasValidPins,
pinningTelemetryInfo);
}
nsresult

4
security/manager/ssl/PublicKeyPinningService.h
Просмотреть файл

@ -6,6 +6,7 @@
#define PublicKeyPinningService_h
#include "cert.h"
#include "CertVerifier.h"
#include "nsString.h"
#include "nsTArray.h"
#include "pkix/Time.h"
@ -31,7 +32,8 @@ public:
const char* hostname,
mozilla::pkix::Time time,
bool enforceTestMode,
/*out*/ bool& chainHasValidPins);
/*out*/ bool& chainHasValidPins,
/*optional out*/ PinningTelemetryInfo* pinningTelemetryInfo);
/**
* Returns true if there is any intersection between the certificate list
* and the pins specified in the aSHA256key array. Values passed in are

14
security/manager/ssl/RootCertificateTelemetryUtils.cpp
Просмотреть файл

@ -11,13 +11,7 @@
#include "ScopedNSSTypes.h"
#include "mozilla/ArrayUtils.h"
// Note: New CAs will show up as UNKNOWN_ROOT until
// RootHashes.inc is updated to include them. 0 is reserved by
// genRootCAHashes.js for the unknowns.
#define UNKNOWN_ROOT 0
#define HASH_FAILURE -1
namespace mozilla { namespace psm {
namespace mozilla { namespace psm {
PRLogModuleInfo* gPublicKeyPinningTelemetryLog =
PR_NewLogModule("PublicKeyPinningTelemetryService");
@ -54,7 +48,7 @@ RootCABinNumber(const SECItem* cert)
// Compute SHA256 hash of the certificate
nsresult rv = digest.DigestBuf(SEC_OID_SHA256, cert->data, cert->len);
if (NS_WARN_IF(NS_FAILED(rv))) {
return HASH_FAILURE;
return ROOT_CERTIFICATE_HASH_FAILURE;
}
// Compare against list of stored hashes
@ -76,7 +70,7 @@ RootCABinNumber(const SECItem* cert)
}
// Didn't match.
return UNKNOWN_ROOT;
return ROOT_CERTIFICATE_UNKNOWN;
}
@ -88,7 +82,7 @@ AccumulateTelemetryForRootCA(mozilla::Telemetry::ID probe,
{
int32_t binId = RootCABinNumber(&cert->derCert);
if (binId != HASH_FAILURE) {
if (binId != ROOT_CERTIFICATE_HASH_FAILURE) {
Accumulate(probe, binId);
}
}

9
security/manager/ssl/RootCertificateTelemetryUtils.h
Просмотреть файл

@ -12,6 +12,15 @@
namespace mozilla { namespace psm {
// Note: New CAs will show up as UNKNOWN_ROOT until
// RootHashes.inc is updated to include them. 0 is reserved by
// genRootCAHashes.js for the unknowns.
#define ROOT_CERTIFICATE_UNKNOWN 0
#define ROOT_CERTIFICATE_HASH_FAILURE -1
int32_t
RootCABinNumber(const SECItem* cert);
void
AccumulateTelemetryForRootCA(mozilla::Telemetry::ID probe, const CERTCertificate* cert);

14
security/manager/ssl/SSLServerCertVerification.cpp
Просмотреть файл

@ -1178,13 +1178,15 @@ AuthCertificate(CertVerifier& certVerifier,
CertVerifier::OCSP_STAPLING_NEVER_CHECKED;
KeySizeStatus keySizeStatus = KeySizeStatus::NeverChecked;
SignatureDigestStatus sigDigestStatus = SignatureDigestStatus::NeverChecked;
PinningTelemetryInfo pinningTelemetryInfo;
rv = certVerifier.VerifySSLServerCert(cert, stapledOCSPResponse,
time, infoObject,
infoObject->GetHostNameRaw(),
saveIntermediates, 0, &certList,
&evOidPolicy, &ocspStaplingStatus,
&keySizeStatus, &sigDigestStatus);
&keySizeStatus, &sigDigestStatus,
&pinningTelemetryInfo);
PRErrorCode savedErrorCode;
if (rv != SECSuccess) {
savedErrorCode = PR_GetError();
@ -1202,6 +1204,16 @@ AuthCertificate(CertVerifier& certVerifier,
static_cast<uint32_t>(sigDigestStatus));
}
if (pinningTelemetryInfo.accumulateForRoot) {
Telemetry::Accumulate(Telemetry::CERT_PINNING_FAILURES_BY_CA,
pinningTelemetryInfo.rootBucket);
}
if (pinningTelemetryInfo.accumulateResult) {
Telemetry::Accumulate(pinningTelemetryInfo.certPinningResultHistogram,
pinningTelemetryInfo.certPinningResultBucket);
}
// We want to remember the CA certs in the temp db, so that the application can find the
// complete chain at any time it might need it.
// But we keep only those CA certs in the temp db, that we didn't already know.

4
security/manager/ssl/tests/unit/test_pinning.js
Просмотреть файл

@ -214,11 +214,11 @@ function check_pinning_telemetry() {
.snapshot();
// Because all of our test domains are pinned to user-specified trust
// anchors, effectively only strict mode and enforce test-mode get evaluated
equal(prod_histogram.counts[0], 16,
equal(prod_histogram.counts[0], 4,
"Actual and expected prod (non-Mozilla) failure count should match");
equal(prod_histogram.counts[1], 4,
"Actual and expected prod (non-Mozilla) success count should match");
equal(test_histogram.counts[0], 5,
equal(test_histogram.counts[0], 2,
"Actual and expected test (non-Mozilla) failure count should match");
equal(test_histogram.counts[1], 0,
"Actual and expected test (non-Mozilla) success count should match");