Index: net/cert/sha256_legacy_support_win.cc |
diff --git a/net/cert/sha256_legacy_support_win.cc b/net/cert/sha256_legacy_support_win.cc |
deleted file mode 100644 |
index a936637e520d19e2b8630b9f626e4fe909dd29cf..0000000000000000000000000000000000000000 |
--- a/net/cert/sha256_legacy_support_win.cc |
+++ /dev/null |
@@ -1,217 +0,0 @@ |
-// Copyright 2014 The Chromium Authors. All rights reserved. |
-// Use of this source code is governed by a BSD-style license that can be |
-// found in the LICENSE file. |
- |
-#include "net/cert/sha256_legacy_support_win.h" |
- |
-#include <openssl/asn1.h> |
-#include <openssl/bytestring.h> |
-#include <openssl/evp.h> |
-#include <openssl/obj.h> |
-#include <openssl/x509.h> |
- |
-#include "base/logging.h" |
-#include "crypto/scoped_openssl_types.h" |
- |
-namespace net { |
- |
-namespace sha256_interception { |
- |
-namespace { |
- |
-using ScopedX509_ALGOR = crypto::ScopedOpenSSL<X509_ALGOR, X509_ALGOR_free>; |
- |
-bool IsSupportedSubjectType(DWORD subject_type) { |
- switch (subject_type) { |
- case CRYPT_VERIFY_CERT_SIGN_SUBJECT_BLOB: |
- case CRYPT_VERIFY_CERT_SIGN_SUBJECT_CERT: |
- case CRYPT_VERIFY_CERT_SIGN_SUBJECT_CRL: |
- return true; |
- } |
- return false; |
-} |
- |
-bool IsSupportedIssuerType(DWORD issuer_type) { |
- switch (issuer_type) { |
- case CRYPT_VERIFY_CERT_SIGN_ISSUER_PUBKEY: |
- case CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT: |
- case CRYPT_VERIFY_CERT_SIGN_ISSUER_CHAIN: |
- return true; |
- } |
- return false; |
-} |
- |
-base::StringPiece GetSubjectSignature(DWORD subject_type, |
- void* subject_data) { |
- switch (subject_type) { |
- case CRYPT_VERIFY_CERT_SIGN_SUBJECT_BLOB: { |
- CRYPT_DATA_BLOB* data_blob = |
- reinterpret_cast<CRYPT_DATA_BLOB*>(subject_data); |
- return base::StringPiece(reinterpret_cast<char*>(data_blob->pbData), |
- data_blob->cbData); |
- } |
- case CRYPT_VERIFY_CERT_SIGN_SUBJECT_CERT: { |
- PCCERT_CONTEXT subject_cert = |
- reinterpret_cast<PCCERT_CONTEXT>(subject_data); |
- return base::StringPiece( |
- reinterpret_cast<char*>(subject_cert->pbCertEncoded), |
- subject_cert->cbCertEncoded); |
- } |
- case CRYPT_VERIFY_CERT_SIGN_SUBJECT_CRL: { |
- PCCRL_CONTEXT subject_crl = |
- reinterpret_cast<PCCRL_CONTEXT>(subject_data); |
- return base::StringPiece( |
- reinterpret_cast<char*>(subject_crl->pbCrlEncoded), |
- subject_crl->cbCrlEncoded); |
- } |
- } |
- return base::StringPiece(); |
-} |
- |
-PCERT_PUBLIC_KEY_INFO GetIssuerPublicKey(DWORD issuer_type, |
- void* issuer_data) { |
- switch (issuer_type) { |
- case CRYPT_VERIFY_CERT_SIGN_ISSUER_PUBKEY: |
- return reinterpret_cast<PCERT_PUBLIC_KEY_INFO>(issuer_data); |
- case CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT: { |
- PCCERT_CONTEXT cert = reinterpret_cast<PCCERT_CONTEXT>(issuer_data); |
- return &cert->pCertInfo->SubjectPublicKeyInfo; |
- } |
- case CRYPT_VERIFY_CERT_SIGN_ISSUER_CHAIN: { |
- PCCERT_CHAIN_CONTEXT chain = |
- reinterpret_cast<PCCERT_CHAIN_CONTEXT>(issuer_data); |
- PCCERT_CONTEXT cert = chain->rgpChain[0]->rgpElement[0]->pCertContext; |
- return &cert->pCertInfo->SubjectPublicKeyInfo; |
- } |
- } |
- return NULL; |
-} |
- |
-// Parses |subject_signature| and writes the components into |*out_tbs_data|, |
-// |*out_algor|, and |*out_signature|. The BIT STRING in the signature must be |
-// a multiple of 8 bits. |*out_signature| will have the padding byte removed. |
-// It returns true on success and false on failure. |
-bool ParseSubjectSignature(const base::StringPiece& subject_signature, |
- CBS* out_tbs_data, |
- ScopedX509_ALGOR* out_algor, |
- CBS* out_signature) { |
- CBS cbs, sequence, tbs_data, algorithm, signature; |
- CBS_init(&cbs, reinterpret_cast<const uint8_t*>(subject_signature.data()), |
- subject_signature.size()); |
- if (!CBS_get_asn1(&cbs, &sequence, CBS_ASN1_SEQUENCE) || CBS_len(&cbs) != 0 || |
- !CBS_get_any_asn1_element(&sequence, &tbs_data, nullptr, nullptr) || |
- !CBS_get_asn1_element(&sequence, &algorithm, CBS_ASN1_SEQUENCE) || |
- !CBS_get_asn1(&sequence, &signature, CBS_ASN1_BITSTRING) || |
- CBS_len(&sequence) != 0) { |
- return false; |
- } |
- |
- // Decode the algorithm. |
- const uint8_t* ptr = CBS_data(&algorithm); |
- ScopedX509_ALGOR algor(d2i_X509_ALGOR(NULL, &ptr, CBS_len(&algorithm))); |
- if (!algor || ptr != CBS_data(&algorithm) + CBS_len(&algorithm)) |
- return false; |
- |
- // An ASN.1 BIT STRING is encoded with a leading byte denoting the number of |
- // padding bits. All supported signature algorithms output octets, so the |
- // leading byte must be zero. |
- uint8_t padding; |
- if (!CBS_get_u8(&signature, &padding) || padding != 0) |
- return false; |
- |
- *out_tbs_data = tbs_data; |
- *out_algor = algor.Pass(); |
- *out_signature = signature; |
- return true; |
-} |
- |
-} // namespace |
- |
-BOOL CryptVerifyCertificateSignatureExHook( |
- CryptVerifyCertificateSignatureExFunc original_func, |
- HCRYPTPROV_LEGACY provider, |
- DWORD encoding_type, |
- DWORD subject_type, |
- void* subject_data, |
- DWORD issuer_type, |
- void* issuer_data, |
- DWORD flags, |
- void* extra) { |
- CHECK(original_func); |
- |
- // Only intercept if the arguments are supported. |
- if (provider != NULL || (encoding_type != X509_ASN_ENCODING) || |
- !IsSupportedSubjectType(subject_type) || subject_data == NULL || |
- !IsSupportedIssuerType(issuer_type) || issuer_data == NULL) { |
- return original_func(provider, encoding_type, subject_type, subject_data, |
- issuer_type, issuer_data, flags, extra); |
- } |
- |
- base::StringPiece subject_signature = |
- GetSubjectSignature(subject_type, subject_data); |
- bool should_intercept = false; |
- |
- // Parse out the data, AlgorithmIdentifier, and signature. |
- CBS tbs_data, signature; |
- ScopedX509_ALGOR algor; |
- if (ParseSubjectSignature(subject_signature, &tbs_data, &algor, &signature)) { |
- // If the signature algorithm is RSA with one of the SHA-2 algorithms |
- // supported by BoringSSL (excluding SHA-224, which is pointless), then |
- // defer to the BoringSSL implementation. Otherwise, fall back and let the |
- // OS handle it (e.g. in case there are any algorithm policies in effect). |
- int nid = OBJ_obj2nid(algor->algorithm); |
- if (nid == NID_sha256WithRSAEncryption || |
- nid == NID_sha384WithRSAEncryption || |
- nid == NID_sha512WithRSAEncryption) { |
- should_intercept = true; |
- } |
- } |
- |
- if (!should_intercept) { |
- return original_func(provider, encoding_type, subject_type, subject_data, |
- issuer_type, issuer_data, flags, extra); |
- } |
- |
- // Rather than attempting to synthesize an EVP_PKEY by hand, just force the |
- // OS to do an ASN.1 encoding and then decode it back into BoringSSL. This |
- // is silly for performance, but safest for consistency. |
- PCERT_PUBLIC_KEY_INFO issuer_public_key = |
- GetIssuerPublicKey(issuer_type, issuer_data); |
- if (!issuer_public_key) { |
- SetLastError(static_cast<DWORD>(NTE_BAD_ALGID)); |
- return FALSE; |
- } |
- |
- uint8_t* issuer_spki_data = NULL; |
- DWORD issuer_spki_len = 0; |
- if (!CryptEncodeObjectEx(X509_ASN_ENCODING, X509_PUBLIC_KEY_INFO, |
- issuer_public_key, CRYPT_ENCODE_ALLOC_FLAG, NULL, |
- &issuer_spki_data, &issuer_spki_len)) { |
- return FALSE; |
- } |
- |
- const uint8_t* ptr = issuer_spki_data; |
- crypto::ScopedEVP_PKEY pubkey(d2i_PUBKEY(NULL, &ptr, issuer_spki_len)); |
- if (!pubkey.get() || ptr != issuer_spki_data + issuer_spki_len) { |
- ::LocalFree(issuer_spki_data); |
- SetLastError(static_cast<DWORD>(NTE_BAD_ALGID)); |
- return FALSE; |
- } |
- ::LocalFree(issuer_spki_data); |
- |
- crypto::ScopedEVP_MD_CTX md_ctx(EVP_MD_CTX_create()); |
- if (!EVP_DigestVerifyInitFromAlgorithm(md_ctx.get(), algor.get(), |
- pubkey.get()) || |
- !EVP_DigestVerifyUpdate(md_ctx.get(), CBS_data(&tbs_data), |
- CBS_len(&tbs_data)) || |
- !EVP_DigestVerifyFinal(md_ctx.get(), CBS_data(&signature), |
- CBS_len(&signature))) { |
- SetLastError(static_cast<DWORD>(NTE_BAD_SIGNATURE)); |
- return FALSE; |
- } |
- return TRUE; |
-} |
- |
-} // namespace sha256_interception |
- |
-} // namespace net |