net/quic/crypto/proof_verifier_chromium.cc - Issue 17385010: OpenSSL/NSS implementation of ProofVerfifier.

Side by Side Diff: net/quic/crypto/proof_verifier_chromium.cc

Issue 17385010: OpenSSL/NSS implementation of ProofVerfifier. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Merged wtc's changes from TOT Created 7 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
(Empty)
	1 // Copyright 2013 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include "net/quic/crypto/proof_verifier_chromium.h"

	6

	7 #include "base/bind.h"

	8 #include "base/bind_helpers.h"

	9 #include "base/callback_helpers.h"

	10 #include "base/compiler_specific.h"

	11 #include "base/logging.h"

	12 #include "base/strings/stringprintf.h"

	13 #include "crypto/signature_verifier.h"

	14 #include "net/base/net_errors.h"

	15 #include "net/base/net_log.h"

	16 #include "net/cert/asn1_util.h"

	17 #include "net/cert/cert_status_flags.h"

	18 #include "net/cert/cert_verifier.h"

	19 #include "net/cert/cert_verify_result.h"

	20 #include "net/cert/single_request_cert_verifier.h"

	21 #include "net/cert/x509_certificate.h"

	22 #include "net/cert/x509_util.h"

	23 #include "net/quic/crypto/crypto_protocol.h"

	24 #include "net/ssl/ssl_config_service.h"

	25

	26 using base::StringPiece;

	27 using base::StringPrintf;

	28 using std::string;

	29 using std::vector;

	30

	31 namespace net {

	32

	33 ProofVerifierChromium::ProofVerifierChromium(CertVerifier* cert_verifier)

	34 : cert_verifier_(cert_verifier),

	35 cert_(NULL),

	36 next_state_(STATE_NONE) {

	37 }

	38

	39 ProofVerifierChromium::~ProofVerifierChromium() {

	40 verifier_.reset();

	41

	42 // Reset object state.

	43 callback_.Reset();

	44 cert_verify_result_.Reset();

	45 }

	46

	47 int ProofVerifierChromium::VerifyProof(const string& hostname,

	48 const string& server_config,

	49 const vector<string>& certs,

	50 const string& signature,

	51 const CompletionCallback& callback) {

	52 error_details_ = string();

	53 // We call VerifySignature first to avoid copying of server_config and

	54 // signature.

	55 if (!VerifySignature(server_config, signature, certs[0])) {

	56 error_details_ = "Failed to verify signature of server config";

	57 DLOG(WARNING) << error_details_;

	58 return ERR_FAILED;

	59 }

	60

	61 hostname_ = hostname;

	62 callback_ = callback;

	63

	64 return VerifyChain(certs);

	65 }

	66

	67 string ProofVerifierChromium::error_details() {

	68 return error_details_;

	69 }

	70

	71 int ProofVerifierChromium::VerifyChain(const vector<string>& certs) {

	72 if (certs.empty()) {

	73 DLOG(WARNING) << "Certs are empty.";

	74 return ERR_FAILED;

	75 }

	76

	77 // Convert certs to X509Certificate.

	78 vector<StringPiece> v(certs.size());

	79 for (unsigned i = 0; i < certs.size(); i++) {

	80 v[i] = base::StringPiece(certs[i]);

	81 }

	82 cert_ = X509Certificate::CreateFromDERCertChain(v);

	83 if (!cert_.get()) {

	84 cert_verify_result_.Reset();

	85 cert_verify_result_.cert_status = CERT_STATUS_INVALID;

	86 return ERR_CERT_INVALID;

	87 }

	88

	89 // Let's verify the certificate.

	90 next_state_ = STATE_VERIFY_CERT;

	91 return DoLoop(OK);

	92 }

	93

	94 int ProofVerifierChromium::DoLoop(int last_result) {

	95 int rv = last_result;

	96 do {

	97 State state = next_state_;

	98 next_state_ = STATE_NONE;

	99 switch (state) {

	100 case STATE_VERIFY_CERT:

	101 DCHECK(rv == OK);

	102 rv = DoVerifyCert(rv);

	103 break;

	104 case STATE_VERIFY_CERT_COMPLETE:

	105 rv = DoVerifyCertComplete(rv);

	106 break;

	107 case STATE_NONE:

	108 default:

	109 rv = ERR_UNEXPECTED;

	110 LOG(DFATAL) << "unexpected state " << state;

	111 break;

	112 }

	113 } while (rv != ERR_IO_PENDING && next_state_ != STATE_NONE);

	114 return rv;

	115 }

	116

	117 void ProofVerifierChromium::OnIOComplete(int result) {

	118 int rv = DoLoop(result);

	119 if (rv != ERR_IO_PENDING) {

	120 base::ResetAndReturn(&callback_).Run(rv);

	121 }

	122 }

	123

	124 int ProofVerifierChromium::DoVerifyCert(int result) {

	125 next_state_ = STATE_VERIFY_CERT_COMPLETE;

	126

	127 int flags = CertVerifier::VERIFY_REV_CHECKING_ENABLED \|

	128 CertVerifier::VERIFY_CERT_IO_ENABLED;

	129 verifier_.reset(new SingleRequestCertVerifier(cert_verifier_));

	130 return verifier_->Verify(

	131 cert_.get(),

	132 hostname_,

	133 flags,

	134 SSLConfigService::GetCRLSet().get(),

	135 &cert_verify_result_,

	136 base::Bind(&ProofVerifierChromium::OnIOComplete,

	137 base::Unretained(this)),

	138 net_log_);

	139 }

	140

	141 int ProofVerifierChromium::DoVerifyCertComplete(int result) {

	142 verifier_.reset();

	143

	144 if (result <= ERR_FAILED) {

	145 error_details_ = StringPrintf("Failed to verify certificate chain: %s",

	146 ErrorToString(result));

	147 DLOG(WARNING) << error_details_;

	148 result = ERR_FAILED;

	149 }

	150

	151 // Exit DoLoop and return the result to the caller to ProofVerify.

	152 DCHECK_EQ(STATE_NONE, next_state_);

	153 return result;

	154 }

	155

	156 // static

	157 bool ProofVerifierChromium::VerifySignature(const string& signed_data,

	158 const string& signature,

	159 const string& cert) {

	160 // TODO(rtenneti): enable ECDSA based signature verification.

	161 #if 0

	162 StringPiece spki;

	163 if (!asn1::ExtractSPKIFromDERCert(cert, &spki)) {

	164 DLOG(WARNING) << "ExtractSPKIFromDERCert failed";

	165 return false;

	166 }

	167

	168 // We use the signature verifier to perform signature verification.

	169 crypto::SignatureVerifier verifier;

	170

	171 // TODO(rtenneti): Define the algorithm ID for RSA_PKCS1_PSS_PADDING based on

	172 // the cert.

	173

	174 // This is the algorithm ID for SHA-256 with EC encryption.

	175 const uint8 kECDSAWithSHA256AlgorithmID[] = {

	176 0x30, 0x0c,

	177 0x06, 0x08,

	178 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02,

	179 0x05, 0x00

	180 };

	181

	182 if (!verifier.VerifyInit(

	183 kECDSAWithSHA256AlgorithmID, sizeof(kECDSAWithSHA256AlgorithmID),

	184 reinterpret_cast<const uint8*>(signature.data()),

	185 signature.size(),

	186 reinterpret_cast<const uint8*>(spki.data()),

	187 spki.size())) {

	188 DLOG(WARNING) << "VerifyInit failed";

	189 return false;

	190 }

	191 #endif // 0

	192

	193 StringPiece spki;

	194 if (!asn1::ExtractSPKIFromDERCert(cert, &spki)) {

	195 DLOG(WARNING) << "ExtractSPKIFromDERCert failed";

	196 return false;

	197 }

	198

	199 crypto::SignatureVerifier::HashAlgorithm hash_alg =

	200 crypto::SignatureVerifier::SHA256;

	201 crypto::SignatureVerifier::HashAlgorithm mask_hash_alg = hash_alg;

	202 unsigned int hash_len = 32; // 32 is the length of a SHA-256 hash.

	203 // TODO(wtc): change this to hash_len when we can change the wire format.

	204 unsigned int salt_len = signature.size() - hash_len - 2;

	205

	206 crypto::SignatureVerifier verifier;

	207 bool ok = verifier.VerifyInitRSAPSS(

	208 hash_alg, mask_hash_alg, salt_len,

	209 reinterpret_cast<const uint8*>(signature.data()), signature.size(),

	210 reinterpret_cast<const uint8*>(spki.data()), spki.size());

	211 if (!ok) {

	212 DLOG(WARNING) << "VerifyInitRSAPSS failed";

	213 return false;

	214 }

	215

	216 verifier.VerifyUpdate(reinterpret_cast<const uint8*>(kProofSignatureLabel),

	217 sizeof(kProofSignatureLabel));

	218 verifier.VerifyUpdate(reinterpret_cast<const uint8*>(signed_data.data()),

	219 signed_data.size());

	220

	221 if (!verifier.VerifyFinal()) {

	222 DLOG(WARNING) << "VerifyFinal failed";

	223 return false;

	224 }

	225

	226 DLOG(WARNING) << "VerifyFinal success";

	227 return true;

	228 }

	229

	230 } // namespace net

OLD	NEW

« no previous file with comments | « net/quic/crypto/proof_verifier_chromium.h ('k') | net/quic/quic_crypto_client_stream.h » ('j') | net/quic/quic_crypto_client_stream.h » ('J')