Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(7)

Side by Side Diff: net/cert/ct_objects_extractor_nss.cc

Issue 92443002: Extract Certificate Transparency SCTs from stapled OCSP responses (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@extract_scts
Patch Set: Fix C++11 compile error Created 7 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/cert/ct_objects_extractor.h ('k') | net/cert/ct_objects_extractor_openssl.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/ct_objects_extractor.h" 5 #include "net/cert/ct_objects_extractor.h"
6 6
7 #include <cert.h> 7 #include <cert.h>
8 #include <secasn1.h> 8 #include <secasn1.h>
9 #include <secitem.h> 9 #include <secitem.h>
10 #include <secoid.h> 10 #include <secoid.h>
11 11
12 #include "base/lazy_instance.h" 12 #include "base/lazy_instance.h"
13 #include "base/sha1.h"
13 #include "crypto/scoped_nss_types.h" 14 #include "crypto/scoped_nss_types.h"
14 #include "crypto/sha2.h" 15 #include "crypto/sha2.h"
15 #include "net/cert/asn1_util.h" 16 #include "net/cert/asn1_util.h"
16 #include "net/cert/scoped_nss_types.h" 17 #include "net/cert/scoped_nss_types.h"
17 #include "net/cert/signed_certificate_timestamp.h" 18 #include "net/cert/signed_certificate_timestamp.h"
18 19
19 namespace net { 20 namespace net {
20 21
21 namespace ct { 22 namespace ct {
22 23
23 namespace { 24 namespace {
24 25
26 // NSS black magic to get the address of externally defined template at runtime.
27 SEC_ASN1_MKSUB(SEC_IntegerTemplate)
28 SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
29 SEC_ASN1_MKSUB(SEC_GeneralizedTimeTemplate)
30 SEC_ASN1_MKSUB(CERT_SequenceOfCertExtensionTemplate)
31
25 // Wrapper class to convert a X509Certificate::OSCertHandle directly 32 // Wrapper class to convert a X509Certificate::OSCertHandle directly
26 // into a CERTCertificate* usable with other NSS functions. This is used for 33 // into a CERTCertificate* usable with other NSS functions. This is used for
27 // platforms where X509Certificate::OSCertHandle refers to a different type 34 // platforms where X509Certificate::OSCertHandle refers to a different type
28 // than a CERTCertificate*. 35 // than a CERTCertificate*.
29 struct NSSCertWrapper { 36 struct NSSCertWrapper {
30 explicit NSSCertWrapper(X509Certificate::OSCertHandle cert_handle); 37 explicit NSSCertWrapper(X509Certificate::OSCertHandle cert_handle);
31 ~NSSCertWrapper() {} 38 ~NSSCertWrapper() {}
32 39
33 ScopedCERTCertificate cert; 40 ScopedCERTCertificate cert;
34 }; 41 };
(...skipping 20 matching lines...) Expand all
55 } 62 }
56 63
57 // The wire form of the OID 1.3.6.1.4.1.11129.2.4.2. See Section 3.3 of 64 // The wire form of the OID 1.3.6.1.4.1.11129.2.4.2. See Section 3.3 of
58 // RFC6962. 65 // RFC6962.
59 const unsigned char kEmbeddedSCTOid[] = {0x2B, 0x06, 0x01, 0x04, 0x01, 66 const unsigned char kEmbeddedSCTOid[] = {0x2B, 0x06, 0x01, 0x04, 0x01,
60 0xD6, 0x79, 0x02, 0x04, 0x02}; 67 0xD6, 0x79, 0x02, 0x04, 0x02};
61 const char kEmbeddedSCTDescription[] = 68 const char kEmbeddedSCTDescription[] =
62 "X.509v3 Certificate Transparency Embedded Signed Certificate Timestamp " 69 "X.509v3 Certificate Transparency Embedded Signed Certificate Timestamp "
63 "List"; 70 "List";
64 71
72 // The wire form of the OID 1.3.6.1.4.1.11129.2.4.5 - OCSP SingleExtension for
73 // X.509v3 Certificate Transparency Signed Certificate Timestamp List, see
74 // Section 3.3 of RFC6962.
75 const unsigned char kOCSPExtensionOid[] = {0x2B, 0x06, 0x01, 0x04, 0x01,
76 0xD6, 0x79, 0x02, 0x04, 0x05};
77
78 const SECItem kOCSPExtensionOidItem = {
79 siBuffer, const_cast<unsigned char*>(kOCSPExtensionOid),
80 sizeof(kOCSPExtensionOid)
81 };
82
83 // id-ad-ocsp: 1.3.6.1.5.5.7.48.1.1
84 const unsigned char kBasicOCSPResponseOid[] = {0x2B, 0x06, 0x01, 0x05, 0x05,
85 0x07, 0x30, 0x01, 0x01};
86
87 const SECItem kBasicOCSPResponseOidItem = {
88 siBuffer, const_cast<unsigned char*>(kBasicOCSPResponseOid),
89 sizeof(kBasicOCSPResponseOid)
90 };
91
92
65 // Initializes the necessary NSS internals for use with Certificate 93 // Initializes the necessary NSS internals for use with Certificate
66 // Transparency. 94 // Transparency.
67 class CTInitSingleton { 95 class CTInitSingleton {
68 public: 96 public:
69 SECOidTag embedded_oid() const { return embedded_oid_; } 97 SECOidTag embedded_oid() const { return embedded_oid_; }
70 98
71 private: 99 private:
72 friend struct base::DefaultLazyInstanceTraits<CTInitSingleton>; 100 friend struct base::DefaultLazyInstanceTraits<CTInitSingleton>;
73 101
74 CTInitSingleton() : embedded_oid_(SEC_OID_UNKNOWN) { 102 CTInitSingleton() : embedded_oid_(SEC_OID_UNKNOWN) {
(...skipping 26 matching lines...) Expand all
101 129
102 SECOidTag embedded_oid_; 130 SECOidTag embedded_oid_;
103 131
104 DISALLOW_COPY_AND_ASSIGN(CTInitSingleton); 132 DISALLOW_COPY_AND_ASSIGN(CTInitSingleton);
105 }; 133 };
106 134
107 base::LazyInstance<CTInitSingleton>::Leaky g_ct_singleton = 135 base::LazyInstance<CTInitSingleton>::Leaky g_ct_singleton =
108 LAZY_INSTANCE_INITIALIZER; 136 LAZY_INSTANCE_INITIALIZER;
109 137
110 // Obtains the data for an X.509v3 certificate extension identified by |oid| 138 // Obtains the data for an X.509v3 certificate extension identified by |oid|
111 // and encoded as an OCTET STRING. Returns true if the extension was found, 139 // and encoded as an OCTET STRING. Returns true if the extension was found in
112 // updating |ext_data| to be the extension data after removing the DER 140 // the certificate, updating |ext_data| to be the extension data after removing
113 // encoding of OCTET STRING. 141 // the DER encoding of OCTET STRING.
114 bool GetOctetStringExtension(CERTCertificate* cert, 142 bool GetCertOctetStringExtension(CERTCertificate* cert,
115 SECOidTag oid, 143 SECOidTag oid,
116 std::string* extension_data) { 144 std::string* extension_data) {
117 SECItem extension; 145 SECItem extension;
118 SECStatus rv = CERT_FindCertExtension(cert, oid, &extension); 146 SECStatus rv = CERT_FindCertExtension(cert, oid, &extension);
119 if (rv != SECSuccess) 147 if (rv != SECSuccess)
120 return false; 148 return false;
121 149
122 base::StringPiece raw_data(reinterpret_cast<char*>(extension.data), 150 base::StringPiece raw_data(reinterpret_cast<char*>(extension.data),
123 extension.len); 151 extension.len);
124 base::StringPiece parsed_data; 152 base::StringPiece parsed_data;
125 if (!asn1::GetElement(&raw_data, asn1::kOCTETSTRING, &parsed_data) || 153 if (!asn1::GetElement(&raw_data, asn1::kOCTETSTRING, &parsed_data) ||
126 raw_data.size() > 0) { // Decoding failure or raw data left 154 raw_data.size() > 0) { // Decoding failure or raw data left
127 rv = SECFailure; 155 rv = SECFailure;
128 } else { 156 } else {
129 parsed_data.CopyToString(extension_data); 157 parsed_data.CopyToString(extension_data);
130 } 158 }
131 159
132 SECITEM_FreeItem(&extension, PR_FALSE); 160 SECITEM_FreeItem(&extension, PR_FALSE);
133 return rv == SECSuccess; 161 return rv == SECSuccess;
134 } 162 }
135 163
164 // NSS offers CERT_FindCertExtension for certificates, but that only accepts
165 // CERTCertificate* inputs, so the method below extracts the SCT extension
166 // directly from the CERTCertExtension** of an OCSP response.
167 //
168 // Obtains the data for an OCSP extension identified by kOCSPExtensionOidItem
169 // and encoded as an OCTET STRING. Returns true if the extension was found in
170 // |extensions|, updating |extension_data| to be the extension data after
171 // removing the DER encoding of OCTET STRING.
172 bool GetSCTListFromOCSPExtension(PLArenaPool* arena,
173 const CERTCertExtension* const* extensions,
174 std::string* extension_data) {
175 if (!extensions)
176 return false;
177
178 const CERTCertExtension* match = NULL;
179
180 for (const CERTCertExtension* const* exts = extensions; *exts; ++exts) {
181 const CERTCertExtension* ext = *exts;
182 if (SECITEM_ItemsAreEqual(&kOCSPExtensionOidItem, &ext->id)) {
183 match = ext;
184 break;
185 }
186 }
187
188 if (!match)
189 return false;
190
191 SECItem contents;
192 // SEC_QuickDERDecodeItem sets |contents| to point to |match|, so it is not
193 // necessary to free the contents of |contents|.
194 SECStatus rv = SEC_QuickDERDecodeItem(arena, &contents,
195 SEC_ASN1_GET(SEC_OctetStringTemplate),
196 &match->value);
197 if (rv != SECSuccess)
198 return false;
199
200 base::StringPiece parsed_data(reinterpret_cast<char*>(contents.data),
201 contents.len);
202 parsed_data.CopyToString(extension_data);
203 return true;
204 }
205
136 // Given a |cert|, extract the TBSCertificate from this certificate, also 206 // Given a |cert|, extract the TBSCertificate from this certificate, also
137 // removing the X.509 extension with OID 1.3.6.1.4.1.11129.2.4.2 (that is, 207 // removing the X.509 extension with OID 1.3.6.1.4.1.11129.2.4.2 (that is,
138 // the embedded SCT) 208 // the embedded SCT)
139 bool ExtractTBSCertWithoutSCTs(CERTCertificate* cert, 209 bool ExtractTBSCertWithoutSCTs(CERTCertificate* cert,
140 std::string* to_be_signed) { 210 std::string* to_be_signed) {
141 SECOidData* oid = SECOID_FindOIDByTag(g_ct_singleton.Get().embedded_oid()); 211 SECOidData* oid = SECOID_FindOIDByTag(g_ct_singleton.Get().embedded_oid());
142 if (!oid) 212 if (!oid)
143 return false; 213 return false;
144 214
145 // This is a giant hack, due to the fact that NSS does not expose a good API 215 // This is a giant hack, due to the fact that NSS does not expose a good API
(...skipping 27 matching lines...) Expand all
173 &tbs_data, 243 &tbs_data,
174 &temp_cert, 244 &temp_cert,
175 SEC_ASN1_GET(CERT_CertificateTemplate)); 245 SEC_ASN1_GET(CERT_CertificateTemplate));
176 if (!result) 246 if (!result)
177 return false; 247 return false;
178 248
179 to_be_signed->assign(reinterpret_cast<char*>(tbs_data.data), tbs_data.len); 249 to_be_signed->assign(reinterpret_cast<char*>(tbs_data.data), tbs_data.len);
180 return true; 250 return true;
181 } 251 }
182 252
253 // The following code is adapted from the NSS OCSP module, in order to expose
254 // the internal structure of an OCSP response.
255
256 // ResponseBytes ::= SEQUENCE {
257 // responseType OBJECT IDENTIFIER,
258 // response OCTET STRING }
259 struct ResponseBytes {
260 SECItem response_type;
261 SECItem der_response;
262 };
263
264 const SEC_ASN1Template kResponseBytesTemplate[] = {
265 { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(ResponseBytes) },
266 { SEC_ASN1_OBJECT_ID, offsetof(ResponseBytes, response_type) },
267 { SEC_ASN1_OCTET_STRING, offsetof(ResponseBytes, der_response) },
268 { 0 }
269 };
270
271 // OCSPResponse ::= SEQUENCE {
272 // responseStatus OCSPResponseStatus,
273 // responseBytes [0] EXPLICIT ResponseBytes OPTIONAL }
274 struct OCSPResponse {
275 SECItem response_status;
276 // This indirection is needed because |response_bytes| is an optional
277 // component and we need a way to determine if it is missing.
278 ResponseBytes* response_bytes;
279 };
280
281 const SEC_ASN1Template kPointerToResponseBytesTemplate[] = {
282 { SEC_ASN1_POINTER, 0, kResponseBytesTemplate }
283 };
284
285 const SEC_ASN1Template kOCSPResponseTemplate[] = {
286 { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(OCSPResponse) },
287 { SEC_ASN1_ENUMERATED, offsetof(OCSPResponse, response_status) },
288 { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
289 SEC_ASN1_CONTEXT_SPECIFIC | 0, offsetof(OCSPResponse, response_bytes),
290 kPointerToResponseBytesTemplate },
291 { 0 }
292 };
293
294 // CertID ::= SEQUENCE {
295 // hashAlgorithm AlgorithmIdentifier,
296 // issuerNameHash OCTET STRING, -- Hash of Issuer's DN
297 // issuerKeyHash OCTET STRING, -- Hash of Issuers public key
298 // serialNumber CertificateSerialNumber }
299 struct CertID {
300 SECAlgorithmID hash_algorithm;
301 SECItem issuer_name_hash;
302 SECItem issuer_key_hash;
303 SECItem serial_number;
304 };
305
306 const SEC_ASN1Template kCertIDTemplate[] = {
307 { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CertID) },
308 { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(CertID, hash_algorithm),
309 SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
310 { SEC_ASN1_OCTET_STRING, offsetof(CertID, issuer_name_hash) },
311 { SEC_ASN1_OCTET_STRING, offsetof(CertID, issuer_key_hash) },
312 { SEC_ASN1_INTEGER, offsetof(CertID, serial_number) },
313 { 0 }
314 };
315
316 // SingleResponse ::= SEQUENCE {
317 // certID CertID,
318 // certStatus CertStatus,
319 // thisUpdate GeneralizedTime,
320 // nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL,
321 // singleExtensions [1] EXPLICIT Extensions OPTIONAL }
322 struct SingleResponse {
323 CertID cert_id;
324 // The following three fields are not used.
325 SECItem der_cert_status;
326 SECItem this_update;
327 SECItem next_update;
328 CERTCertExtension** single_extensions;
329 };
330
331 const SEC_ASN1Template kSingleResponseTemplate[] = {
332 { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SingleResponse) },
333 { SEC_ASN1_INLINE, offsetof(SingleResponse, cert_id), kCertIDTemplate },
334 // Really a CHOICE but we make it an ANY because we don't care about the
335 // contents of this field.
336 // TODO(ekasper): use SEC_ASN1_CHOICE.
337 { SEC_ASN1_ANY, offsetof(SingleResponse, der_cert_status) },
338 { SEC_ASN1_GENERALIZED_TIME, offsetof(SingleResponse, this_update) },
339 { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
340 SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
341 offsetof(SingleResponse, next_update),
342 SEC_ASN1_SUB(SEC_GeneralizedTimeTemplate) },
343 { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
344 SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
345 offsetof(SingleResponse, single_extensions),
346 SEC_ASN1_SUB(CERT_SequenceOfCertExtensionTemplate) },
347 { 0 }
348 };
349
350 // ResponseData ::= SEQUENCE {
351 // version [0] EXPLICIT Version DEFAULT v1,
352 // responderID ResponderID,
353 // producedAt GeneralizedTime,
354 // responses SEQUENCE OF SingleResponse,
355 // responseExtensions [1] EXPLICIT Extensions OPTIONAL }
356 struct ResponseData {
357 // The first three fields are not used.
358 SECItem version;
359 SECItem der_responder_id;
360 SECItem produced_at;
361 SingleResponse** single_responses;
362 // Skip extensions.
363 };
364
365 const SEC_ASN1Template kResponseDataTemplate[] = {
366 { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(ResponseData) },
367 { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
368 SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
369 offsetof(ResponseData, version), SEC_ASN1_SUB(SEC_IntegerTemplate) },
370 // Really a CHOICE but we make it an ANY because we don't care about the
371 // contents of this field.
372 // TODO(ekasper): use SEC_ASN1_CHOICE.
373 { SEC_ASN1_ANY, offsetof(ResponseData, der_responder_id) },
374 { SEC_ASN1_GENERALIZED_TIME, offsetof(ResponseData, produced_at) },
375 { SEC_ASN1_SEQUENCE_OF, offsetof(ResponseData, single_responses),
376 kSingleResponseTemplate },
377 { SEC_ASN1_SKIP_REST },
378 { 0 }
379 };
380
381 // BasicOCSPResponse ::= SEQUENCE {
382 // tbsResponseData ResponseData,
383 // signatureAlgorithm AlgorithmIdentifier,
384 // signature BIT STRING,
385 // certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
386 struct BasicOCSPResponse {
387 ResponseData tbs_response_data;
388 // We do not care about the rest.
389 };
390
391 const SEC_ASN1Template kBasicOCSPResponseTemplate[] = {
392 { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(BasicOCSPResponse) },
393 { SEC_ASN1_INLINE, offsetof(BasicOCSPResponse, tbs_response_data),
394 kResponseDataTemplate },
395 { SEC_ASN1_SKIP_REST },
396 { 0 }
397 };
398
399 bool StringEqualToSECItem(const std::string& value1, const SECItem& value2) {
400 if (value1.size() != value2.len)
401 return false;
402 return memcmp(value1.data(), value2.data, value2.len) == 0;
403 }
404
405 // TODO(ekasper): also use the issuer name hash in matching.
406 bool CertIDMatches(const CertID& cert_id,
407 const std::string& serial_number,
408 const std::string& issuer_key_sha1_hash,
409 const std::string& issuer_key_sha256_hash) {
410 if (!StringEqualToSECItem(serial_number, cert_id.serial_number))
411 return false;
412
413 SECOidTag hash_alg = SECOID_FindOIDTag(&cert_id.hash_algorithm.algorithm);
414 switch (hash_alg) {
415 case SEC_OID_SHA1:
416 return StringEqualToSECItem(issuer_key_sha1_hash,
417 cert_id.issuer_key_hash);
418 case SEC_OID_SHA256:
419 return StringEqualToSECItem(issuer_key_sha256_hash,
420 cert_id.issuer_key_hash);
421 default:
422 return false;
423 }
424 }
425
183 } // namespace 426 } // namespace
184 427
185 bool ExtractEmbeddedSCTList(X509Certificate::OSCertHandle cert, 428 bool ExtractEmbeddedSCTList(X509Certificate::OSCertHandle cert,
186 std::string* sct_list) { 429 std::string* sct_list) {
187 DCHECK(cert); 430 DCHECK(cert);
188 431
189 NSSCertWrapper leaf_cert(cert); 432 NSSCertWrapper leaf_cert(cert);
190 if (!leaf_cert.cert) 433 if (!leaf_cert.cert)
191 return false; 434 return false;
192 435
193 return GetOctetStringExtension( 436 return GetCertOctetStringExtension(leaf_cert.cert.get(),
194 leaf_cert.cert.get(), g_ct_singleton.Get().embedded_oid(), sct_list); 437 g_ct_singleton.Get().embedded_oid(),
438 sct_list);
195 } 439 }
196 440
197 bool GetPrecertLogEntry(X509Certificate::OSCertHandle leaf, 441 bool GetPrecertLogEntry(X509Certificate::OSCertHandle leaf,
198 X509Certificate::OSCertHandle issuer, 442 X509Certificate::OSCertHandle issuer,
199 LogEntry* result) { 443 LogEntry* result) {
200 DCHECK(leaf); 444 DCHECK(leaf);
201 DCHECK(issuer); 445 DCHECK(issuer);
202 446
203 NSSCertWrapper leaf_cert(leaf); 447 NSSCertWrapper leaf_cert(leaf);
204 NSSCertWrapper issuer_cert(issuer); 448 NSSCertWrapper issuer_cert(issuer);
(...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after
262 std::string encoded; 506 std::string encoded;
263 if (!X509Certificate::GetDEREncoded(leaf, &encoded)) 507 if (!X509Certificate::GetDEREncoded(leaf, &encoded))
264 return false; 508 return false;
265 509
266 result->Reset(); 510 result->Reset();
267 result->type = ct::LogEntry::LOG_ENTRY_TYPE_X509; 511 result->type = ct::LogEntry::LOG_ENTRY_TYPE_X509;
268 result->leaf_certificate.swap(encoded); 512 result->leaf_certificate.swap(encoded);
269 return true; 513 return true;
270 } 514 }
271 515
516 bool ExtractSCTListFromOCSPResponse(X509Certificate::OSCertHandle issuer,
517 const std::string& cert_serial_number,
518 const std::string& ocsp_response,
519 std::string* sct_list) {
520 DCHECK(issuer);
521
522 // Any OCSP response is unlikely to be even close to 2^24 bytes; further, CT
523 // only uses stapled OCSP responses which have this limit imposed by the TLS
524 // protocol.
525 if (ocsp_response.size() > 0xffffff)
526 return false;
527
528 crypto::ScopedPLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
529
530 OCSPResponse response;
531 memset(&response, 0, sizeof(response));
532
533 SECItem src = { siBuffer,
534 reinterpret_cast<unsigned char*>(const_cast<char*>(
535 ocsp_response.data())),
536 static_cast<unsigned int>(ocsp_response.size()) };
537
538 // |response| will point directly into |src|, so it's not necessary to
539 // free the |response| contents, but they may only be used while |src|
540 // is valid (i.e., in this method).
541 SECStatus rv = SEC_QuickDERDecodeItem(arena.get(), &response,
542 kOCSPResponseTemplate, &src);
543 if (rv != SECSuccess)
544 return false;
545
546 if (!response.response_bytes)
547 return false;
548
549 if (!SECITEM_ItemsAreEqual(&kBasicOCSPResponseOidItem,
550 &response.response_bytes->response_type)) {
551 return false;
552 }
553
554 BasicOCSPResponse basic_response;
555 memset(&basic_response, 0, sizeof(basic_response));
556
557 rv = SEC_QuickDERDecodeItem(arena.get(), &basic_response,
558 kBasicOCSPResponseTemplate,
559 &response.response_bytes->der_response);
560 if (rv != SECSuccess)
561 return false;
562
563 SingleResponse** responses =
564 basic_response.tbs_response_data.single_responses;
565 if (!responses)
566 return false;
567
568 std::string issuer_der;
569 if (!X509Certificate::GetDEREncoded(issuer, &issuer_der))
570 return false;
571
572 base::StringPiece issuer_spki;
573 if (!asn1::ExtractSPKIFromDERCert(issuer_der, &issuer_spki))
574 return false;
575
576 // In OCSP, only the key itself is under hash.
577 base::StringPiece issuer_spk;
578 if (!asn1::ExtractSubjectPublicKeyFromSPKI(issuer_spki, &issuer_spk))
579 return false;
580
581 // ExtractSubjectPublicKey... does not remove the initial octet encoding the
582 // number of unused bits in the ASN.1 BIT STRING so we do it here. For public
583 // keys, the bitstring is in practice always byte-aligned.
584 if (issuer_spk.empty() || issuer_spk[0] != 0)
585 return false;
586 issuer_spk.remove_prefix(1);
587
588 // NSS OCSP lib recognizes SHA1, MD5 and MD2; MD5 and MD2 are dead but
589 // https://bugzilla.mozilla.org/show_bug.cgi?id=663315 will add SHA-256
590 // and SHA-384.
591 // TODO(ekasper): add SHA-384 to crypto/sha2.h and here if it proves
592 // necessary.
593 // TODO(ekasper): only compute the hashes on demand.
594 std::string issuer_key_sha256_hash = crypto::SHA256HashString(issuer_spk);
595 std::string issuer_key_sha1_hash = base::SHA1HashString(
596 issuer_spk.as_string());
597
598 const SingleResponse* match = NULL;
599 for (const SingleResponse* const* resps = responses; *resps; ++resps) {
600 const SingleResponse* resp = *resps;
601 if (CertIDMatches(resp->cert_id, cert_serial_number,
602 issuer_key_sha1_hash, issuer_key_sha256_hash)) {
603 match = resp;
604 break;
605 }
606 }
607
608 if (!match)
609 return false;
610
611 return GetSCTListFromOCSPExtension(arena.get(), match->single_extensions,
612 sct_list);
613 }
614
272 } // namespace ct 615 } // namespace ct
273 616
274 } // namespace net 617 } // namespace net
OLDNEW
« no previous file with comments | « net/cert/ct_objects_extractor.h ('k') | net/cert/ct_objects_extractor_openssl.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698