Chromium Code Reviews Chromium Code Reviews
Issue 1083493003:
Encrypt certificate reports before uploading to HTTP URLs (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/net/certificate_error_reporter.h" | 5 #include "chrome/browser/net/certificate_error_reporter.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 | 8 |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/stl_util.h" | 10 #include "base/stl_util.h" |
| 11 #include "base/time/time.h" | 11 #include "base/time/time.h" |
| 12 #include "chrome/browser/net/cert_logger.pb.h" | 12 #include "chrome/browser/net/cert_logger.pb.h" |
| 13 | |
| 14 #if defined(USE_OPENSSL) | |
|
estark
2015/04/18 05:24:42
Should I be checking OPENSSL_IS_BORINGSSL too? It
agl
2015/04/21 20:28:25
No, OpenSSL in Chrome is always BoringSSL.
estark
2015/04/22 03:55:30
Acknowledged.
| |
| 15 #include "crypto/aead_openssl.h" | |
| 16 #endif | |
| 17 | |
| 18 #include "crypto/curve25519.h" | |
| 19 #include "crypto/hkdf.h" | |
| 20 #include "crypto/random.h" | |
| 13 #include "net/base/elements_upload_data_stream.h" | 21 #include "net/base/elements_upload_data_stream.h" |
| 14 #include "net/base/load_flags.h" | 22 #include "net/base/load_flags.h" |
| 15 #include "net/base/request_priority.h" | 23 #include "net/base/request_priority.h" |
| 16 #include "net/base/upload_bytes_element_reader.h" | 24 #include "net/base/upload_bytes_element_reader.h" |
| 17 #include "net/cert/x509_certificate.h" | 25 #include "net/cert/x509_certificate.h" |
| 18 #include "net/ssl/ssl_info.h" | 26 #include "net/ssl/ssl_info.h" |
| 19 #include "net/url_request/url_request_context.h" | 27 #include "net/url_request/url_request_context.h" |
| 20 | 28 |
| 29 namespace { | |
| 30 | |
| 31 // Constants used for crypto | |
| 32 static const uint8 kServerPublicKey[] = { | |
| 33 0x51, 0xcc, 0x52, 0x67, 0x42, 0x47, 0x3b, 0x10, 0xe8, 0x63, 0x18, | |
| 34 0x3c, 0x61, 0xa7, 0x96, 0x76, 0x86, 0x91, 0x40, 0x71, 0x39, 0x5f, | |
| 35 0x31, 0x1a, 0x39, 0x5b, 0x76, 0xb1, 0x6b, 0x3d, 0x6a, 0x2b}; | |
| 36 static const uint32 kServerPublicKeyVersion = 1; | |
| 37 | |
| 38 #if defined(USE_OPENSSL) | |
| 39 bool EncryptSerializedReport( | |
| 40 const uint8* server_public_key, | |
| 41 uint32 server_public_key_version, | |
| 42 const std::string& report, | |
| 43 chrome_browser_net::EncryptedCertLoggerRequest* encrypted_report) { | |
| 44 // Generate an ephemeral key pair to generate a shared secret. | |
| 45 uint8 public_key[crypto::curve25519::kBytes]; | |
| 46 uint8 private_key[crypto::curve25519::kScalarBytes]; | |
| 47 uint8 shared_secret[crypto::curve25519::kBytes]; | |
| 48 | |
| 49 crypto::RandBytes(private_key, sizeof(private_key)); | |
| 50 crypto::curve25519::ScalarBaseMult(private_key, public_key); | |
| 51 crypto::curve25519::ScalarMult(private_key, server_public_key, shared_secret); | |
| 52 | |
| 53 crypto::HKDF hkdf(std::string((char*)shared_secret, sizeof(shared_secret)), | |
| 54 std::string(), std::string(), 0, 0, | |
|
agl
2015/04/21 20:28:25
I'd suggest adding an info argument (the 3rd) of s
estark
2015/04/22 03:55:30
Done.
| |
| 55 crypto::Aead::KeyLength()); | |
| 56 | |
| 57 const std::string key(hkdf.subkey_secret().data(), | |
| 58 hkdf.subkey_secret().size()); | |
| 59 crypto::Aead aead(&key); | |
| 60 | |
| 61 // Use an all-zero nonce because the key is random per-message. | |
| 62 std::string nonce(crypto::Aead::NonceLength(), 0); | |
| 63 | |
| 64 std::string ciphertext; | |
| 65 if (!aead.Seal(report, nonce, &ciphertext)) { | |
| 66 LOG(ERROR) << "Error sealing certificate report."; | |
| 67 return false; | |
| 68 } | |
| 69 | |
| 70 encrypted_report->set_encrypted_report(ciphertext); | |
| 71 encrypted_report->set_server_public_key_version(server_public_key_version); | |
| 72 encrypted_report->set_client_public_key( | |
| 73 std::string((char*)public_key, crypto::curve25519::kBytes)); | |
|
agl
2015/04/21 20:28:25
sizeof(public_key)
estark
2015/04/22 03:55:30
Done.
| |
| 74 encrypted_report->set_algorithm( | |
| 75 chrome_browser_net::EncryptedCertLoggerRequest:: | |
| 76 AEAD_ECDH_AES_128_CTR_HMAC_SHA256); | |
| 77 return true; | |
| 78 } | |
| 79 #endif | |
| 80 | |
| 81 } // namespace | |
| 82 | |
| 21 namespace chrome_browser_net { | 83 namespace chrome_browser_net { |
| 22 | 84 |
| 85 // Used only by tests. | |
| 86 #if defined(USE_OPENSSL) | |
| 87 bool DecryptCertificateErrorReport( | |
| 88 const uint8 server_private_key[32], | |
| 89 const EncryptedCertLoggerRequest& encrypted_report, | |
| 90 CertLoggerRequest* decrypted_report) { | |
| 91 uint8 shared_secret[crypto::curve25519::kBytes]; | |
| 92 crypto::curve25519::ScalarMult( | |
| 93 server_private_key, (uint8*)encrypted_report.client_public_key().data(), | |
| 94 shared_secret); | |
| 95 | |
| 96 crypto::HKDF hkdf(std::string((char*)shared_secret, sizeof(shared_secret)), | |
| 97 std::string(), std::string(), 0, 0, | |
|
agl
2015/04/21 20:28:25
the info would also have to be updated here.
estark
2015/04/22 03:55:30
Done.
| |
| 98 crypto::Aead::KeyLength()); | |
| 99 | |
| 100 const std::string key(hkdf.subkey_secret().data(), | |
| 101 hkdf.subkey_secret().size()); | |
| 102 crypto::Aead aead(&key); | |
| 103 | |
| 104 // Use an all-zero nonce because the key is random per-message. | |
| 105 std::string nonce(crypto::Aead::NonceLength(), 0); | |
| 106 | |
| 107 std::string plaintext; | |
| 108 if (!aead.Open(encrypted_report.encrypted_report(), nonce, &plaintext)) { | |
| 109 LOG(ERROR) << "Error opening certificate report"; | |
| 110 return false; | |
| 111 } | |
| 112 | |
| 113 decrypted_report->ParseFromString(plaintext); | |
|
agl
2015/04/21 20:28:25
this can fail, right? Just return it directly?
estark
2015/04/22 03:55:30
Done.
| |
| 114 return true; | |
| 115 } | |
| 116 #endif | |
| 117 | |
| 23 CertificateErrorReporter::CertificateErrorReporter( | 118 CertificateErrorReporter::CertificateErrorReporter( |
| 24 net::URLRequestContext* request_context, | 119 net::URLRequestContext* request_context, |
| 25 const GURL& upload_url, | 120 const GURL& upload_url, |
| 26 CookiesPreference cookies_preference) | 121 CookiesPreference cookies_preference) |
| 122 : CertificateErrorReporter(request_context, | |
| 123 upload_url, | |
| 124 cookies_preference, | |
| 125 kServerPublicKey, | |
| 126 kServerPublicKeyVersion) { | |
| 127 } | |
| 128 | |
| 129 CertificateErrorReporter::CertificateErrorReporter( | |
| 130 net::URLRequestContext* request_context, | |
| 131 const GURL& upload_url, | |
| 132 CookiesPreference cookies_preference, | |
| 133 const uint8 server_public_key[32], | |
| 134 const uint32 server_public_key_version) | |
| 27 : request_context_(request_context), | 135 : request_context_(request_context), |
| 28 upload_url_(upload_url), | 136 upload_url_(upload_url), |
| 29 cookies_preference_(cookies_preference) { | 137 cookies_preference_(cookies_preference), |
| 138 server_public_key_(server_public_key), | |
| 139 server_public_key_version_(server_public_key_version) { | |
| 30 DCHECK(!upload_url.is_empty()); | 140 DCHECK(!upload_url.is_empty()); |
| 31 } | 141 } |
| 32 | 142 |
| 33 CertificateErrorReporter::~CertificateErrorReporter() { | 143 CertificateErrorReporter::~CertificateErrorReporter() { |
| 34 STLDeleteElements(&inflight_requests_); | 144 STLDeleteElements(&inflight_requests_); |
| 35 } | 145 } |
| 36 | 146 |
| 37 void CertificateErrorReporter::SendReport(ReportType type, | 147 void CertificateErrorReporter::SendReport(ReportType type, |
| 38 const std::string& hostname, | 148 const std::string& hostname, |
| 39 const net::SSLInfo& ssl_info) { | 149 const net::SSLInfo& ssl_info) { |
| 40 CertLoggerRequest request; | 150 CertLoggerRequest request; |
| 41 std::string out; | |
| 42 | |
| 43 BuildReport(hostname, ssl_info, &request); | 151 BuildReport(hostname, ssl_info, &request); |
| 44 | 152 |
| 45 switch (type) { | 153 switch (type) { |
| 46 case REPORT_TYPE_PINNING_VIOLATION: | 154 case REPORT_TYPE_PINNING_VIOLATION: |
| 47 SendCertLoggerRequest(request); | 155 SendCertLoggerRequest(request); |
| 48 break; | 156 break; |
| 49 case REPORT_TYPE_EXTENDED_REPORTING: | 157 case REPORT_TYPE_EXTENDED_REPORTING: |
| 50 // TODO(estark): Encrypt the report if not sending over HTTPS | 158 if (upload_url_.SchemeIsSecure()) { |
| 51 DCHECK(upload_url_.SchemeIsSecure()); | 159 SendCertLoggerRequest(request); |
| 52 SendCertLoggerRequest(request); | 160 } else { |
| 161 DCHECK(IsHttpUploadUrlSupported()); | |
| 162 #if defined(USE_OPENSSL) | |
| 163 EncryptedCertLoggerRequest encrypted_report; | |
| 164 std::string serialized_report; | |
| 165 request.SerializeToString(&serialized_report); | |
| 166 if (!EncryptSerializedReport(server_public_key_, | |
| 167 server_public_key_version_, | |
| 168 serialized_report, &encrypted_report)) { | |
| 169 LOG(ERROR) << "Failed to encrypt serialized report."; | |
| 170 return; | |
| 171 } | |
| 172 std::string serialized_encrypted_report; | |
| 173 encrypted_report.SerializeToString(&serialized_encrypted_report); | |
| 174 SendSerializedRequest(serialized_encrypted_report); | |
| 175 #endif | |
| 176 } | |
| 53 break; | 177 break; |
| 54 default: | 178 default: |
| 55 NOTREACHED(); | 179 NOTREACHED(); |
| 56 } | 180 } |
| 57 } | 181 } |
| 58 | 182 |
| 59 void CertificateErrorReporter::OnResponseStarted(net::URLRequest* request) { | 183 void CertificateErrorReporter::OnResponseStarted(net::URLRequest* request) { |
| 60 const net::URLRequestStatus& status(request->status()); | 184 const net::URLRequestStatus& status(request->status()); |
| 61 if (!status.is_success()) { | 185 if (!status.is_success()) { |
| 62 LOG(WARNING) << "Certificate upload failed" | 186 LOG(WARNING) << "Certificate upload failed" |
| (...skipping 14 matching lines...) Expand all Loading... | |
| 77 net::URLRequestContext* context) { | 201 net::URLRequestContext* context) { |
| 78 scoped_ptr<net::URLRequest> request = | 202 scoped_ptr<net::URLRequest> request = |
| 79 context->CreateRequest(upload_url_, net::DEFAULT_PRIORITY, this); | 203 context->CreateRequest(upload_url_, net::DEFAULT_PRIORITY, this); |
| 80 if (cookies_preference_ != SEND_COOKIES) { | 204 if (cookies_preference_ != SEND_COOKIES) { |
| 81 request->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES | | 205 request->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES | |
| 82 net::LOAD_DO_NOT_SAVE_COOKIES); | 206 net::LOAD_DO_NOT_SAVE_COOKIES); |
| 83 } | 207 } |
| 84 return request.Pass(); | 208 return request.Pass(); |
| 85 } | 209 } |
| 86 | 210 |
| 211 bool CertificateErrorReporter::IsHttpUploadUrlSupported() { | |
| 212 #if defined(USE_OPENSSL) | |
| 213 return true; | |
| 214 #else | |
| 215 return false; | |
| 216 #endif | |
| 217 } | |
| 218 | |
| 87 void CertificateErrorReporter::SendCertLoggerRequest( | 219 void CertificateErrorReporter::SendCertLoggerRequest( |
| 88 const CertLoggerRequest& request) { | 220 const CertLoggerRequest& request) { |
| 89 std::string serialized_request; | 221 std::string serialized_request; |
| 90 request.SerializeToString(&serialized_request); | 222 request.SerializeToString(&serialized_request); |
| 223 SendSerializedRequest(serialized_request); | |
| 224 } | |
| 91 | 225 |
| 226 void CertificateErrorReporter::SendSerializedRequest( | |
| 227 const std::string& serialized_request) { | |
| 92 scoped_ptr<net::URLRequest> url_request = CreateURLRequest(request_context_); | 228 scoped_ptr<net::URLRequest> url_request = CreateURLRequest(request_context_); |
| 93 url_request->set_method("POST"); | 229 url_request->set_method("POST"); |
| 94 | 230 |
| 95 scoped_ptr<net::UploadElementReader> reader( | 231 scoped_ptr<net::UploadElementReader> reader( |
| 96 net::UploadOwnedBytesElementReader::CreateWithString(serialized_request)); | 232 net::UploadOwnedBytesElementReader::CreateWithString(serialized_request)); |
| 97 url_request->set_upload( | 233 url_request->set_upload( |
| 98 net::ElementsUploadDataStream::CreateWithReader(reader.Pass(), 0)); | 234 net::ElementsUploadDataStream::CreateWithReader(reader.Pass(), 0)); |
| 99 | 235 |
| 100 net::HttpRequestHeaders headers; | 236 net::HttpRequestHeaders headers; |
| 101 headers.SetHeader(net::HttpRequestHeaders::kContentType, | 237 headers.SetHeader(net::HttpRequestHeaders::kContentType, |
| (...skipping 24 matching lines...) Expand all Loading... | |
| 126 } | 262 } |
| 127 | 263 |
| 128 void CertificateErrorReporter::RequestComplete(net::URLRequest* request) { | 264 void CertificateErrorReporter::RequestComplete(net::URLRequest* request) { |
| 129 std::set<net::URLRequest*>::iterator i = inflight_requests_.find(request); | 265 std::set<net::URLRequest*>::iterator i = inflight_requests_.find(request); |
| 130 DCHECK(i != inflight_requests_.end()); | 266 DCHECK(i != inflight_requests_.end()); |
| 131 scoped_ptr<net::URLRequest> url_request(*i); | 267 scoped_ptr<net::URLRequest> url_request(*i); |
| 132 inflight_requests_.erase(i); | 268 inflight_requests_.erase(i); |
| 133 } | 269 } |
| 134 | 270 |
| 135 } // namespace chrome_browser_net | 271 } // namespace chrome_browser_net |
| OLD | NEW |
