| Index: net/cert/internal/verify_certificate_chain.cc
|
| diff --git a/net/cert/internal/verify_certificate_chain.cc b/net/cert/internal/verify_certificate_chain.cc
|
| index 20fafc5303fb02b369bb9488dcb2978f5cf784a4..d021d2acd31484ac54d442c5c7b24f297bff927c 100644
|
| --- a/net/cert/internal/verify_certificate_chain.cc
|
| +++ b/net/cert/internal/verify_certificate_chain.cc
|
| @@ -196,24 +196,6 @@ WARN_UNUSED_RESULT bool IsSelfIssued(const FullyParsedCert& cert) {
|
| return NameMatches(cert.tbs.subject_tlv, cert.tbs.issuer_tlv);
|
| }
|
|
|
| -// Finds a trust anchor that matches |name| in |trust_store| or returns
|
| -// nullptr. The returned pointer references data in |trust_store|.
|
| -//
|
| -// TODO(eroman): This implementation is linear in the size of the trust store,
|
| -// and also presumes that all names are unique. In practice it is possible to
|
| -// have multiple SPKIs with the same name. Also this mechanism of
|
| -// searching is fairly primitive, and does not take advantage of other
|
| -// properties like the authority key id.
|
| -WARN_UNUSED_RESULT const TrustAnchor* FindTrustAnchorByName(
|
| - const TrustStore& trust_store,
|
| - const der::Input& name) {
|
| - for (const auto& anchor : trust_store.anchors) {
|
| - if (NameMatches(name, der::Input(&anchor.name)))
|
| - return &anchor;
|
| - }
|
| - return nullptr;
|
| -}
|
| -
|
| // Returns true if |cert| is valid at time |time|.
|
| //
|
| // The certificate's validity requirements are described by RFC 5280 section
|
| @@ -500,20 +482,95 @@ WARN_UNUSED_RESULT bool WrapUp(const FullyParsedCert& cert) {
|
|
|
| TrustAnchor::~TrustAnchor() {}
|
|
|
| +bool TrustAnchor::AssignCertData(const uint8_t* data,
|
| + size_t length,
|
| + bool copy) {
|
| + // Reset all the fields.
|
| + *this = TrustAnchor();
|
| +
|
| + if (copy) {
|
| + owned_cert_tlv.assign(data, data + length);
|
| + cert_tlv = der::Input(&owned_cert_tlv);
|
| + } else {
|
| + owned_cert_tlv.clear();
|
| + cert_tlv = der::Input(data, length);
|
| + }
|
| +
|
| + if (!ParseCertificate(cert_tlv, &cert))
|
| + return false;
|
| +
|
| + if (!ParseTbsCertificate(cert.tbs_certificate_tlv, &tbs))
|
| + return false;
|
| +
|
| + return true;
|
| +}
|
| +
|
| TrustStore::TrustStore() {}
|
| TrustStore::TrustStore(const TrustStore& other) = default;
|
| TrustStore::~TrustStore() {}
|
|
|
| +bool TrustStore::AddTrustedCertificate(const uint8_t* data, size_t length) {
|
| + TrustAnchor anchor;
|
| + if (!anchor.AssignCertData(data, length, true))
|
| + return false;
|
| + anchors.push_back(std::move(anchor));
|
| + return true;
|
| +}
|
| +
|
| +bool TrustStore::AddTrustedCertificate(const base::StringPiece& data) {
|
| + return AddTrustedCertificate(reinterpret_cast<const uint8_t*>(data.data()),
|
| + data.size());
|
| +}
|
| +
|
| +bool TrustStore::AddTrustedCertificateWithoutCopying(const uint8_t* data,
|
| + size_t length) {
|
| + TrustAnchor anchor;
|
| + if (!anchor.AssignCertData(data, length, false))
|
| + return false;
|
| + anchors.push_back(std::move(anchor));
|
| + return true;
|
| +}
|
| +
|
| +const der::Input* TrustStore::FindTrustedCertificateByName(
|
| + const der::Input& name) const {
|
| + for (const auto& anchor : anchors) {
|
| + if (NameMatches(name, anchor.tbs.subject_tlv))
|
| + return &anchor.cert_tlv;
|
| + }
|
| + return nullptr;
|
| +}
|
| +
|
| +bool TrustStore::IsTrustedCertificate(const der::Input& cert_der) const {
|
| + for (const auto& anchor : anchors) {
|
| + if (anchor.cert_tlv == cert_der)
|
| + return true;
|
| + }
|
| + return false;
|
| +}
|
| +
|
| +// TODO(eroman): Move this into existing anonymous namespace.
|
| +namespace {
|
| +
|
| // This implementation is structured to mimic the description of certificate
|
| // path verification given by RFC 5280 section 6.1.
|
| -bool VerifyCertificateChain(const std::vector<der::Input>& certs_der,
|
| - const TrustStore& trust_store,
|
| - const SignaturePolicy* signature_policy,
|
| - const der::GeneralizedTime& time) {
|
| +//
|
| +// Unlike RFC 5280, the trust anchor is specified as the root certificate in
|
| +// the chain. This root certificate is assumed to be trusted -- neither its
|
| +// signature nor expiration are checked.
|
| +bool VerifyCertificateChainAssumingTrustedRoot(
|
| + const std::vector<der::Input>& certs_der,
|
| + // The trust store is only used for assertions.
|
| + const TrustStore& trust_store,
|
| + const SignaturePolicy* signature_policy,
|
| + const der::GeneralizedTime& time) {
|
| // An empty chain is necessarily invalid.
|
| if (certs_der.empty())
|
| return false;
|
|
|
| + // IMPORTANT: the assumption being made is that the root certificate in
|
| + // the given path is trusted.
|
| + DCHECK(trust_store.IsTrustedCertificate(certs_der.back()));
|
| +
|
| // Will contain a NameConstraints for each previous cert in the chain which
|
| // had nameConstraints. This corresponds to the permitted_subtrees and
|
| // excluded_subtrees state variables from RFC 5280.
|
| @@ -561,11 +618,12 @@ bool VerifyCertificateChain(const std::vector<der::Input>& certs_der,
|
| //
|
| // Note that |i| uses 0-based indexing whereas in RFC 5280 it is 1-based.
|
| //
|
| - // * i=0 : Certificate signed by a trust anchor.
|
| + // * i=0 : Trust anchor.
|
| // * i=N-1 : Target certificate.
|
| for (size_t i = 0; i < certs_der.size(); ++i) {
|
| const size_t index_into_certs_der = certs_der.size() - i - 1;
|
| const bool is_target_cert = index_into_certs_der == 0;
|
| + const bool is_trust_anchor_cert = i == 0;
|
|
|
| // Parse the current certificate into |cert|.
|
| FullyParsedCert cert;
|
| @@ -573,28 +631,20 @@ bool VerifyCertificateChain(const std::vector<der::Input>& certs_der,
|
| if (!FullyParseCertificate(cert_der, &cert))
|
| return false;
|
|
|
| - // When processing the first certificate, initialize |working_spki|
|
| - // and |working_issuer_name| to the trust anchor per RFC 5280 section 6.1.2.
|
| - // This is done inside the loop in order to have access to the parsed
|
| - // certificate.
|
| - if (i == 0) {
|
| - const TrustAnchor* trust_anchor =
|
| - FindTrustAnchorByName(trust_store, cert.tbs.issuer_tlv);
|
| - if (!trust_anchor)
|
| - return false;
|
| - working_spki = der::Input(&trust_anchor->spki);
|
| - working_issuer_name = der::Input(&trust_anchor->name);
|
| - }
|
| -
|
| // Per RFC 5280 section 6.1:
|
| // * Do basic processing for each certificate
|
| // * If it is the last certificate in the path (target certificate)
|
| // - Then run "Wrap up"
|
| // - Otherwise run "Prepare for Next cert"
|
| - if (!BasicCertificateProcessing(cert, is_target_cert, signature_policy,
|
| - time, working_spki, working_issuer_name,
|
| - name_constraints_list)) {
|
| - return false;
|
| + if (!is_trust_anchor_cert) {
|
| + // Note that BasicCertificateProcessing() is skipped for the root
|
| + // certificate as it is implicitly trusted already. It will be
|
| + // accepted even if its signature is invalid, or it has expired.
|
| + if (!BasicCertificateProcessing(cert, is_target_cert, signature_policy,
|
| + time, working_spki, working_issuer_name,
|
| + name_constraints_list)) {
|
| + return false;
|
| + }
|
| }
|
| if (!is_target_cert) {
|
| if (!PrepareForNextCertificate(cert, &max_path_length, &working_spki,
|
| @@ -616,4 +666,60 @@ bool VerifyCertificateChain(const std::vector<der::Input>& certs_der,
|
| return true;
|
| }
|
|
|
| +// TODO(eroman): This function is a temporary hack in the absence of full
|
| +// path building. It will insert 0 or 1 certificates at the root of the
|
| +// chain to ensure that the path's root certificate is in the trust store.
|
| +// Beyond this no other verification is done on the chain. The caller is
|
| +// responsible for verifying the chain's correctness.
|
| +WARN_UNUSED_RESULT bool BuildSimplePathToTrustAnchor(
|
| + const std::vector<der::Input>& certs_der,
|
| + const TrustStore& trust_store,
|
| + std::vector<der::Input>* certs_der_trusted_root) {
|
| + // Copy the input chain.
|
| + *certs_der_trusted_root = certs_der;
|
| +
|
| + if (certs_der.empty())
|
| + return false;
|
| +
|
| + // Check if the current root certificate is trusted. If it is then no
|
| + // extra work is needed.
|
| + if (trust_store.IsTrustedCertificate(certs_der_trusted_root->back()))
|
| + return true;
|
| +
|
| + // Otherwise if it is not trusted, check whether its issuer is trusted. If
|
| + // so, make *that* trusted certificate the root. If the issuer is not in
|
| + // the trust store then give up and fail (this is not full path building).
|
| + ParsedCertificate cert;
|
| + ParsedTbsCertificate tbs;
|
| + if (!ParseCertificate(certs_der.back(), &cert) ||
|
| + !ParseTbsCertificate(cert.tbs_certificate_tlv, &tbs)) {
|
| + return false;
|
| + }
|
| +
|
| + const der::Input* trusted_issuer =
|
| + trust_store.FindTrustedCertificateByName(tbs.issuer_tlv);
|
| + if (!trusted_issuer)
|
| + return false;
|
| + certs_der_trusted_root->push_back(*trusted_issuer);
|
| + return true;
|
| +}
|
| +
|
| +} // namespace
|
| +
|
| +bool VerifyCertificateChain(const std::vector<der::Input>& certs_der,
|
| + const TrustStore& trust_store,
|
| + const SignaturePolicy* signature_policy,
|
| + const der::GeneralizedTime& time) {
|
| + // Modify the certificate chain so that its root is a trusted certificate.
|
| + std::vector<der::Input> certs_der_trusted_root;
|
| + if (!BuildSimplePathToTrustAnchor(certs_der, trust_store,
|
| + &certs_der_trusted_root)) {
|
| + return false;
|
| + }
|
| +
|
| + // Verify the chain.
|
| + return VerifyCertificateChainAssumingTrustedRoot(
|
| + certs_der_trusted_root, trust_store, signature_policy, time);
|
| +}
|
| +
|
| } // namespace net
|
|
|
Chromium Code Reviews
Issue 1890193003:
Make Cast certificate verification enforce constraints specified in the trusted root certificate. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master