Chromium Code Reviews Chromium Code Reviews
Issue 2731603002:
Check TBSCertificate.algorithm and Certificate.signatureAlgorithm for (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/internal/verify_certificate_chain.h" | 5 #include "net/cert/internal/verify_certificate_chain.h" |
| 6 | 6 |
| 7 #include <memory> | 7 #include <memory> |
| 8 | 8 |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/memory/ptr_util.h" | 10 #include "base/memory/ptr_util.h" |
| (...skipping 117 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 128 } | 128 } |
| 129 | 129 |
| 130 if (cert.tbs().validity_not_after < time) { | 130 if (cert.tbs().validity_not_after < time) { |
| 131 errors->AddError(kValidityFailedNotAfter); | 131 errors->AddError(kValidityFailedNotAfter); |
| 132 return false; | 132 return false; |
| 133 } | 133 } |
| 134 | 134 |
| 135 return true; | 135 return true; |
| 136 } | 136 } |
| 137 | 137 |
| 138 // Returns true if |signature_algorithm_tlv| is a valid algorithm encoding for | |
| 139 // RSA with SHA1. | |
| 140 WARN_UNUSED_RESULT bool IsRsaWithSha1SignatureAlgorithm( | |
| 141 const der::Input& signature_algorithm_tlv) { | |
| 142 std::unique_ptr<SignatureAlgorithm> algorithm = | |
| 143 SignatureAlgorithm::Create(signature_algorithm_tlv, nullptr); | |
| 144 | |
| 145 return algorithm && | |
| 146 algorithm->algorithm() == SignatureAlgorithmId::RsaPkcs1 && | |
| 147 algorithm->digest() == DigestAlgorithm::Sha1; | |
| 148 } | |
| 149 | |
| 150 // Returns true if |cert| has internally consistent signature algorithms. | 138 // Returns true if |cert| has internally consistent signature algorithms. |
| 151 // | 139 // |
| 152 // X.509 certificates contain two different signature algorithms: | 140 // X.509 certificates contain two different signature algorithms: |
| 153 // (1) The signatureAlgorithm field of Certificate | 141 // (1) The signatureAlgorithm field of Certificate |
| 154 // (2) The signature field of TBSCertificate | 142 // (2) The signature field of TBSCertificate |
| 155 // | 143 // |
| 156 // According to RFC 5280 section 4.1.1.2 and 4.1.2.3 these two fields must be | 144 // According to RFC 5280 section 4.1.1.2 and 4.1.2.3 these two fields must be |
| 157 // equal: | 145 // equal: |
| 158 // | 146 // |
| 159 // This field MUST contain the same algorithm identifier as the | 147 // This field MUST contain the same algorithm identifier as the |
| (...skipping 10 matching lines...) Expand all Loading... | |
| 170 const ParsedCertificate& cert, | 158 const ParsedCertificate& cert, |
| 171 CertErrors* errors) { | 159 CertErrors* errors) { |
| 172 const der::Input& alg1_tlv = cert.signature_algorithm_tlv(); | 160 const der::Input& alg1_tlv = cert.signature_algorithm_tlv(); |
| 173 const der::Input& alg2_tlv = cert.tbs().signature_algorithm_tlv; | 161 const der::Input& alg2_tlv = cert.tbs().signature_algorithm_tlv; |
| 174 | 162 |
| 175 // Ensure that the two DER-encoded signature algorithms are byte-for-byte | 163 // Ensure that the two DER-encoded signature algorithms are byte-for-byte |
| 176 // equal. | 164 // equal. |
| 177 if (alg1_tlv == alg2_tlv) | 165 if (alg1_tlv == alg2_tlv) |
| 178 return true; | 166 return true; |
| 179 | 167 |
| 180 // But make a compatibility concession for RSA with SHA1. | 168 // But make a compatibility concession if alternate encodings are used |
| 181 if (IsRsaWithSha1SignatureAlgorithm(alg1_tlv) && | 169 // TODO(eroman): Turn this warning into an error. |
| 182 IsRsaWithSha1SignatureAlgorithm(alg2_tlv)) { | 170 if (!SignatureAlgorithm::IsEquivalent(alg1_tlv, alg2_tlv)) { |
|
mattm
2017/03/04 02:34:27
is the ! here correct? Seems like that's backwards
eroman
2017/03/07 23:43:00
Thanks for spotting that bug!
Ugh. I will follow-u
| |
| 183 errors->AddWarning( | 171 errors->AddWarning( |
| 184 kSignatureAlgorithmsDifferentEncoding, | 172 kSignatureAlgorithmsDifferentEncoding, |
| 185 CreateCertErrorParams2Der("Certificate.algorithm", alg1_tlv, | 173 CreateCertErrorParams2Der("Certificate.algorithm", alg1_tlv, |
| 186 "TBSCertificate.signature", alg2_tlv)); | 174 "TBSCertificate.signature", alg2_tlv)); |
| 187 return true; | 175 return true; |
| 188 } | 176 } |
| 189 | 177 |
| 190 errors->AddError( | 178 errors->AddError( |
| 191 kSignatureAlgorithmMismatch, | 179 kSignatureAlgorithmMismatch, |
| 192 CreateCertErrorParams2Der("Certificate.algorithm", alg1_tlv, | 180 CreateCertErrorParams2Der("Certificate.algorithm", alg1_tlv, |
| (...skipping 424 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 617 | 605 |
| 618 // TODO(eroman): RFC 5280 forbids duplicate certificates per section 6.1: | 606 // TODO(eroman): RFC 5280 forbids duplicate certificates per section 6.1: |
| 619 // | 607 // |
| 620 // A certificate MUST NOT appear more than once in a prospective | 608 // A certificate MUST NOT appear more than once in a prospective |
| 621 // certification path. | 609 // certification path. |
| 622 | 610 |
| 623 return true; | 611 return true; |
| 624 } | 612 } |
| 625 | 613 |
| 626 } // namespace net | 614 } // namespace net |
| OLD | NEW |
