Provides a certificate for SSL client authentication on NSS sockets....

net/socket/ssl_client_socket_nss.cc

 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // This file includes code GetDefaultCertNickname(), derived from
 // nsNSSCertificate::defaultServerNickName()
 // in mozilla/security/manager/ssl/src/nsNSSCertificate.cpp
 // and SSLClientSocketNSS::DoVerifyCertComplete() derived from
 // AuthCertificateCallback() in
 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp.
@@ skipping 33 matching lines @@
  * decision by deleting the provisions above and replace them with the notice
  * and other provisions required by the GPL or the LGPL. If you do not delete
  * the provisions above, a recipient may use your version of this file under
  * the terms of any one of the MPL, the GPL or the LGPL.
  *
  * ***** END LICENSE BLOCK ***** */
 
 #include "net/socket/ssl_client_socket_nss.h"
 
 #include <certdb.h>
+#include <keyhi.h>
 #include <nspr.h>
 #include <nss.h>
 #include <secerr.h>
 // Work around https://bugzilla.mozilla.org/show_bug.cgi?id=455424
 // until NSS 3.12.2 comes out and we update to it.
 #define Lock FOO_NSS_Lock
 #include <ssl.h>
 #include <sslerr.h>
 #include <pk11pub.h>
 #undef Lock
 
 #include "base/compiler_specific.h"
 #include "base/logging.h"
 #include "base/nss_init.h"
 #include "base/string_util.h"
 #include "net/base/cert_verifier.h"
 #include "net/base/io_buffer.h"
 #include "net/base/net_errors.h"
+#include "net/base/ssl_cert_request_info.h"
 #include "net/base/ssl_info.h"
 #include "net/ocsp/nss_ocsp.h"
 
 static const int kRecvBufferSize = 4096;
 
 namespace net {
 
 // State machines are easier to debug if you log state transitions.
 // Enable these if you want to see what's going on.
 #if 1
@@ skipping 75 matching lines @@
       return ERR_CERT_INVALID;
     case SSL_ERROR_REVOKED_CERT_ALERT:
     case SEC_ERROR_REVOKED_CERTIFICATE:
     case SEC_ERROR_REVOKED_KEY:
       return ERR_CERT_REVOKED;
     case SEC_ERROR_CA_CERT_INVALID:
     case SEC_ERROR_UNKNOWN_ISSUER:
     case SEC_ERROR_UNTRUSTED_CERT:
     case SEC_ERROR_UNTRUSTED_ISSUER:
       return ERR_CERT_AUTHORITY_INVALID;
+    case SSL_ERROR_HANDSHAKE_FAILURE_ALERT:
+      return ERR_SSL_PROTOCOL_ERROR;
 
     default: {
       if (IS_SSL_ERROR(err)) {
         LOG(WARNING) << "Unknown SSL error " << err <<
             " mapped to net::ERR_SSL_PROTOCOL_ERROR";
         return ERR_SSL_PROTOCOL_ERROR;
       }
       if (IS_SEC_ERROR(err)) {
         // TODO(port): Probably not the best mapping
         LOG(WARNING) << "Unknown SEC error " << err <<
@@ skipping 21 matching lines @@
       transport_recv_busy_(false),
       handshake_io_callback_(this, &SSLClientSocketNSS::OnHandshakeIOComplete),
       transport_(transport_socket),
       hostname_(hostname),
       ssl_config_(ssl_config),
       user_connect_callback_(NULL),
       user_read_callback_(NULL),
       user_write_callback_(NULL),
       user_read_buf_len_(0),
       user_write_buf_len_(0),
+      client_auth_ca_names_(NULL),
+      client_auth_cert_needed_(false),
       completed_handshake_(false),
       next_handshake_state_(STATE_NONE),
       nss_fd_(NULL),
       nss_bufs_(NULL) {
   EnterFunction("");
 }
 
 SSLClientSocketNSS::~SSLClientSocketNSS() {
   EnterFunction("");
   Disconnect();
@@ skipping 93 matching lines @@
 #endif
 
   rv = SSL_OptionSet(nss_fd_, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE);
   if (rv != SECSuccess)
      return ERR_UNEXPECTED;
 
   rv = SSL_AuthCertificateHook(nss_fd_, OwnAuthCertHandler, this);
   if (rv != SECSuccess)
      return ERR_UNEXPECTED;
 
+  rv = SSL_GetClientAuthDataHook(nss_fd_, ClientAuthHandler, this);
+  if (rv != SECSuccess)
+     return ERR_UNEXPECTED;
+
   rv = SSL_HandshakeCallback(nss_fd_, HandshakeCallback, this);
   if (rv != SECSuccess)
     return ERR_UNEXPECTED;
 
   // Tell SSL the hostname we're trying to connect to.
   SSL_SetURL(nss_fd_, hostname_.c_str());
 
   // Tell SSL we're a client; needed if not letting NSPR do socket I/O
   SSL_ResetHandshake(nss_fd_, 0);
 
@@ skipping 35 matching lines @@
   user_read_callback_    = NULL;
   user_write_callback_   = NULL;
   user_read_buf_         = NULL;
   user_read_buf_len_     = 0;
   user_write_buf_        = NULL;
   user_write_buf_len_    = 0;
   server_cert_           = NULL;
   server_cert_verify_result_.Reset();
   completed_handshake_   = false;
   nss_bufs_              = NULL;
+  if (client_auth_ca_names_) {
+    CERT_FreeDistNames(client_auth_ca_names_);
+    client_auth_ca_names_ = NULL;
+  }
+  client_auth_cert_needed_ = false;
 
   LeaveFunction("");
 }
 
 bool SSLClientSocketNSS::IsConnected() const {
   // Ideally, we should also check if we have received the close_notify alert
   // message from the server, and return false in that case.  We're not doing
   // that, so this function may return a false positive.  Since the upper
   // layer (HttpNetworkTransaction) needs to handle a persistent connection
   // closed by the server when we send a request anyway, a false positive in
@@ skipping 115 matching lines @@
     UpdateServerCert();
   }
   ssl_info->cert_status = server_cert_verify_result_.cert_status;
   DCHECK(server_cert_ != NULL);
   ssl_info->cert = server_cert_;
   LeaveFunction("");
 }
 
 void SSLClientSocketNSS::GetSSLCertRequestInfo(
     SSLCertRequestInfo* cert_request_info) {
-  // TODO(wtc): implement this.
+  EnterFunction("");
+  cert_request_info->host_and_port = hostname_;
+  cert_request_info->client_certs.clear();
+
+  void* wincx = SSL_RevealPinArg(nss_fd_);
+
+  CERTCertNicknames* names = CERT_GetCertNicknames(
+      CERT_GetDefaultCertDB(), SEC_CERT_NICKNAMES_USER, wincx);
+
+  if (names) {
+    for (int i = 0; i < names->numnicknames; ++i) {
+      CERTCertificate* cert = CERT_FindUserCertByUsage(
+          CERT_GetDefaultCertDB(), names->nicknames[i],
+          certUsageSSLClient, PR_FALSE, wincx);
+      if (!cert)
+        continue;
+      // Only check unexpired certs.
+      if (CERT_CheckCertValidTimes(cert, PR_Now(), PR_TRUE) ==
+          secCertTimeValid &&
+          NSS_CmpCertChainWCANames(cert, client_auth_ca_names_) ==
+          SECSuccess) {
+        SECKEYPrivateKey* privkey = PK11_FindKeyByAnyCert(cert, wincx);
+        if (privkey) {
+          X509Certificate* x509_cert = X509Certificate::CreateFromHandle(
+              cert, X509Certificate::SOURCE_LONE_CERT_IMPORT);
+          cert_request_info->client_certs.push_back(x509_cert);
+          SECKEY_DestroyPrivateKey(privkey);
+          continue;
+        }
+      }
+      CERT_DestroyCertificate(cert);
+    }
+    CERT_FreeNicknames(names);
+  }
+  LeaveFunction(cert_request_info->client_certs.size());
 }
 
 void SSLClientSocketNSS::DoReadCallback(int rv) {
   EnterFunction(rv);
   DCHECK(rv != ERR_IO_PENDING);
   DCHECK(user_read_callback_);
 
   // Since Run may result in Read being called, clear |user_read_callback_|
   // up front.
   CompletionCallback* c = user_read_callback_;
@@ skipping 292 matching lines @@
 // in full handshake mode or in resumption handshake mode.
 SECStatus SSLClientSocketNSS::OwnAuthCertHandler(void* arg,
                                                  PRFileDesc* socket,
                                                  PRBool checksig,
                                                  PRBool is_server) {
   // Tell NSS to not verify the certificate.
   return SECSuccess;
 }
 
 // static
+// NSS calls this if a client certificate is needed.
+// Based on Mozilla's NSS_GetClientAuthData.
+SECStatus SSLClientSocketNSS::ClientAuthHandler(
+    void* arg,
+    PRFileDesc* socket,
+    CERTDistNames* ca_names,
+    CERTCertificate** result_certificate,
+    SECKEYPrivateKey** result_private_key) {
+  SSLClientSocketNSS* that = reinterpret_cast<SSLClientSocketNSS*>(arg);
+
+  that->client_auth_cert_needed_ = !that->ssl_config_.send_client_cert;
+
+  // Second pass: a client certificate should have been selected.
+  if (that->ssl_config_.send_client_cert) {
+    if (that->ssl_config_.client_cert) {
+      void* wincx = SSL_RevealPinArg(socket);
+      CERTCertificate* cert = CERT_DupCertificate(
+          that->ssl_config_.client_cert->os_cert_handle());
+      SECKEYPrivateKey* privkey = PK11_FindKeyByAnyCert(cert, wincx);
+      if (privkey) {
+        // TODO(jsorianopastor): We should wait for server certificate
+        // verification before sending our credentials.  See
+        // http://crbug.com/13934.
+        *result_certificate = cert;
+        *result_private_key = privkey;
+        return SECSuccess;
+      }
+      LOG(WARNING) << "Client cert found without private key";
+    }
+    // Send no client certificate.
+    return SECFailure;
+  }
+
+  PRArenaPool* arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+  CERTDistNames* ca_names_copy = PORT_ArenaZNew(arena, CERTDistNames);
+
+  ca_names_copy->arena = arena;
+  ca_names_copy->head = NULL;
+  ca_names_copy->nnames = ca_names->nnames;
+  ca_names_copy->names = PORT_ArenaZNewArray(arena, SECItem,
+                                             ca_names->nnames);
+  for (int i = 0; i < ca_names->nnames; ++i)
+    SECITEM_CopyItem(arena, &ca_names_copy->names[i], &ca_names->names[i]);
+
+  that->client_auth_ca_names_ = ca_names_copy;
+  return SECFailure;
+}
+
+// static
 // NSS calls this when handshake is completed.
 // After the SSL handshake is finished, use CertVerifier to verify
 // the saved server certificate.
 void SSLClientSocketNSS::HandshakeCallback(PRFileDesc* socket,
                                            void* arg) {
   SSLClientSocketNSS* that = reinterpret_cast<SSLClientSocketNSS*>(arg);
 
   that->UpdateServerCert();
 }
 
 int SSLClientSocketNSS::DoHandshake() {
   EnterFunction("");
   int net_error = net::OK;
-  int rv = SSL_ForceHandshake(nss_fd_);
+  SECStatus rv = SSL_ForceHandshake(nss_fd_);
 
-  if (rv == SECSuccess) {
+  if (client_auth_cert_needed_) {
+    net_error = ERR_SSL_CLIENT_AUTH_CERT_NEEDED;
+    // If the handshake already succeeded (because the server requests but
+    // doesn't require a client cert), we need to invalidate the SSL session
+    // so that we won't try to resume the non-client-authenticated session in
+    // the next handshake.  This will cause the server to ask for a client
+    // cert again.
+    if (rv == SECSuccess && SSL_InvalidateSession(nss_fd_) != SECSuccess) {
+      LOG(WARNING) << "Couldn't invalidate SSL session: " << PR_GetError();
+    }
+  } else if (rv == SECSuccess) {
     // SSL handshake is completed.  Let's verify the certificate.
     GotoState(STATE_VERIFY_CERT);
     // Done!
   } else {
     PRErrorCode prerr = PR_GetError();
 
     // If the server closed on us, it is a protocol error.
     // Some TLS-intolerant servers do this when we request TLS.
     if (prerr == PR_END_OF_FILE_ERROR) {
       net_error = ERR_SSL_PROTOCOL_ERROR;
@@ skipping 89 matching lines @@
   // Exit DoHandshakeLoop and return the result to the caller to Connect.
   DCHECK(next_handshake_state_ == STATE_NONE);
   return result;
 }
 
 int SSLClientSocketNSS::DoPayloadRead() {
   EnterFunction(user_read_buf_len_);
   DCHECK(user_read_buf_);
   DCHECK(user_read_buf_len_ > 0);
   int rv = PR_Read(nss_fd_, user_read_buf_->data(), user_read_buf_len_);
+  if (client_auth_cert_needed_) {
+    // We don't need to invalidate the non-client-authenticated SSL session
+    // because the server will renegotiate anyway.
+    LeaveFunction("");
+    return ERR_SSL_CLIENT_AUTH_CERT_NEEDED;
+  }
   if (rv >= 0) {
     LogData(user_read_buf_->data(), rv);
     LeaveFunction("");
     return rv;
   }
   PRErrorCode prerr = PR_GetError();
   if (prerr == PR_WOULD_BLOCK_ERROR) {
     LeaveFunction("");
     return ERR_IO_PENDING;
   }
@@ skipping 12 matching lines @@
   }
   PRErrorCode prerr = PR_GetError();
   if (prerr == PR_WOULD_BLOCK_ERROR) {
     return ERR_IO_PENDING;
   }
   LeaveFunction("");
   return NetErrorFromNSPRError(prerr);
 }
 
 }  // namespace net