1 /* 2 * Copyright (C) 2012 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package org.bouncycastle.jce.provider; 18 19 import java.io.FileNotFoundException; 20 import java.io.IOException; 21 import java.math.BigInteger; 22 import java.security.PublicKey; 23 import java.util.ArrayList; 24 import java.util.Arrays; 25 import java.util.Collections; 26 import java.util.HashSet; 27 import java.util.List; 28 import java.util.Set; 29 30 import libcore.io.IoUtils; 31 import org.bouncycastle.crypto.Digest; 32 import org.bouncycastle.crypto.digests.OpenSSLDigest; 33 import org.bouncycastle.util.encoders.Hex; 34 35 public class CertBlacklist { 36 37 private static final String ANDROID_DATA = System.getenv("ANDROID_DATA"); 38 private static final String BLACKLIST_ROOT = ANDROID_DATA + "/misc/keychain/"; 39 public static final String DEFAULT_PUBKEY_BLACKLIST_PATH = BLACKLIST_ROOT + "pubkey_blacklist.txt"; 40 public static final String DEFAULT_SERIAL_BLACKLIST_PATH = BLACKLIST_ROOT + "serial_blacklist.txt"; 41 42 // public for testing 43 public final Set<BigInteger> serialBlacklist; 44 public final Set<byte[]> pubkeyBlacklist; 45 46 public CertBlacklist() { 47 this(DEFAULT_PUBKEY_BLACKLIST_PATH, DEFAULT_SERIAL_BLACKLIST_PATH); 48 } 49 50 /** Test only interface, not for public use */ 51 public CertBlacklist(String pubkeyBlacklistPath, String serialBlacklistPath) { 52 serialBlacklist = readSerialBlackList(serialBlacklistPath); 53 pubkeyBlacklist = readPublicKeyBlackList(pubkeyBlacklistPath); 54 } 55 56 private static boolean isHex(String value) { 57 try { 58 new BigInteger(value, 16); 59 return true; 60 } catch (NumberFormatException e) { 61 System.logW("Could not parse hex value " + value, e); 62 return false; 63 } 64 } 65 66 private static boolean isPubkeyHash(String value) { 67 if (value.length() != 40) { 68 System.logW("Invalid pubkey hash length: " + value.length()); 69 return false; 70 } 71 return isHex(value); 72 } 73 74 private static String readBlacklist(String path) { 75 try { 76 return IoUtils.readFileAsString(path); 77 } catch (FileNotFoundException ignored) { 78 } catch (IOException e) { 79 System.logW("Could not read blacklist", e); 80 } 81 return ""; 82 } 83 84 private static final Set<BigInteger> readSerialBlackList(String path) { 85 86 // start out with a base set of known bad values 87 Set<BigInteger> bl = new HashSet<BigInteger>(Arrays.asList( 88 // From http://src.chromium.org/viewvc/chrome/trunk/src/net/base/x509_certificate.cc?revision=78748&view=markup 89 // Not a real certificate. For testing only. 90 new BigInteger("077a59bcd53459601ca6907267a6dd1c", 16), 91 new BigInteger("047ecbe9fca55f7bd09eae36e10cae1e", 16), 92 new BigInteger("d8f35f4eb7872b2dab0692e315382fb0", 16), 93 new BigInteger("b0b7133ed096f9b56fae91c874bd3ac0", 16), 94 new BigInteger("9239d5348f40d1695a745470e1f23f43", 16), 95 new BigInteger("e9028b9578e415dc1a710a2b88154447", 16), 96 new BigInteger("d7558fdaf5f1105bb213282b707729a3", 16), 97 new BigInteger("f5c86af36162f13a64f54f6dc9587c06", 16), 98 new BigInteger("392a434f0e07df1f8aa305de34e0c229", 16), 99 new BigInteger("3e75ced46b693021218830ae86a82a71", 16) 100 )); 101 102 // attempt to augment it with values taken from gservices 103 String serialBlacklist = readBlacklist(path); 104 if (!serialBlacklist.equals("")) { 105 for(String value : serialBlacklist.split(",")) { 106 try { 107 bl.add(new BigInteger(value, 16)); 108 } catch (NumberFormatException e) { 109 System.logW("Tried to blacklist invalid serial number " + value, e); 110 } 111 } 112 } 113 114 // whether that succeeds or fails, send it on its merry way 115 return Collections.unmodifiableSet(bl); 116 } 117 118 private static final Set<byte[]> readPublicKeyBlackList(String path) { 119 120 // start out with a base set of known bad values 121 Set<byte[]> bl = new HashSet<byte[]>(Arrays.asList( 122 // From http://src.chromium.org/viewvc/chrome/branches/782/src/net/base/x509_certificate.cc?r1=98750&r2=98749&pathrev=98750 123 // C=NL, O=DigiNotar, CN=DigiNotar Root CA/emailAddress=info (at) diginotar.nl 124 "410f36363258f30b347d12ce4863e433437806a8".getBytes(), 125 // Subject: CN=DigiNotar Cyber CA 126 // Issuer: CN=GTE CyberTrust Global Root 127 "ba3e7bd38cd7e1e6b9cd4c219962e59d7a2f4e37".getBytes(), 128 // Subject: CN=DigiNotar Services 1024 CA 129 // Issuer: CN=Entrust.net 130 "e23b8d105f87710a68d9248050ebefc627be4ca6".getBytes(), 131 // Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2 132 // Issuer: CN=Staat der Nederlanden Organisatie CA - G2 133 "7b2e16bc39bcd72b456e9f055d1de615b74945db".getBytes(), 134 // Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven 135 // Issuer: CN=Staat der Nederlanden Overheid CA 136 "e8f91200c65cee16e039b9f883841661635f81c5".getBytes(), 137 // From http://src.chromium.org/viewvc/chrome?view=rev&revision=108479 138 // Subject: O=Digicert Sdn. Bhd. 139 // Issuer: CN=GTE CyberTrust Global Root 140 "0129bcd5b448ae8d2496d1c3e19723919088e152".getBytes() 141 )); 142 143 // attempt to augment it with values taken from gservices 144 String pubkeyBlacklist = readBlacklist(path); 145 if (!pubkeyBlacklist.equals("")) { 146 for (String value : pubkeyBlacklist.split(",")) { 147 value = value.trim(); 148 if (isPubkeyHash(value)) { 149 bl.add(value.getBytes()); 150 } else { 151 System.logW("Tried to blacklist invalid pubkey " + value); 152 } 153 } 154 } 155 156 return bl; 157 } 158 159 public boolean isPublicKeyBlackListed(PublicKey publicKey) { 160 byte[] encoded = publicKey.getEncoded(); 161 Digest digest = new OpenSSLDigest.SHA1(); 162 digest.update(encoded, 0, encoded.length); 163 byte[] out = new byte[digest.getDigestSize()]; 164 digest.doFinal(out, 0); 165 for (byte[] blacklisted : pubkeyBlacklist) { 166 if (Arrays.equals(blacklisted, Hex.encode(out))) { 167 return true; 168 } 169 } 170 return false; 171 } 172 173 public boolean isSerialNumberBlackListed(BigInteger serial) { 174 return serialBlacklist.contains(serial); 175 } 176 177 } 178