Home | History | Annotate | Download | only in cert 
      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #include "net/cert/cert_verify_proc_android.h"
      6 
      7 #include <openssl/x509v3.h>
      8 
      9 #include <string>
     10 #include <vector>
     11 
     12 #include "base/logging.h"
     13 #include "base/sha1.h"
     14 #include "base/strings/string_piece.h"
     15 #include "crypto/sha2.h"
     16 #include "net/android/cert_verify_result_android.h"
     17 #include "net/android/network_library.h"
     18 #include "net/base/net_errors.h"
     19 #include "net/cert/asn1_util.h"
     20 #include "net/cert/cert_status_flags.h"
     21 #include "net/cert/cert_verify_result.h"
     22 #include "net/cert/x509_certificate.h"
     23 
     24 namespace net {
     25 
     26 namespace {
     27 
     28 // Returns true if the certificate verification call was successful (regardless
     29 // of its result), i.e. if |verify_result| was set. Otherwise returns false.
     30 bool VerifyFromAndroidTrustManager(const std::vector<std::string>& cert_bytes,
     31                                    const std::string& hostname,
     32                                    CertVerifyResult* verify_result) {
     33   android::CertVerifyStatusAndroid status;
     34   std::vector<std::string> verified_chain;
     35 
     36   // TODO(joth): Fetch the authentication type from SSL rather than hardcode.
     37   android::VerifyX509CertChain(cert_bytes, "RSA", hostname,
     38                                &status, &verify_result->is_issued_by_known_root,
     39                                &verified_chain);
     40   switch (status) {
     41     case android::VERIFY_FAILED:
     42       return false;
     43     case android::VERIFY_OK:
     44       break;
     45     case android::VERIFY_NO_TRUSTED_ROOT:
     46       verify_result->cert_status |= CERT_STATUS_AUTHORITY_INVALID;
     47       break;
     48     case android::VERIFY_EXPIRED:
     49     case android::VERIFY_NOT_YET_VALID:
     50       verify_result->cert_status |= CERT_STATUS_DATE_INVALID;
     51       break;
     52     case android::VERIFY_UNABLE_TO_PARSE:
     53       verify_result->cert_status |= CERT_STATUS_INVALID;
     54       break;
     55     case android::VERIFY_INCORRECT_KEY_USAGE:
     56       verify_result->cert_status |= CERT_STATUS_INVALID;
     57       break;
     58     default:
     59       NOTREACHED();
     60       verify_result->cert_status |= CERT_STATUS_INVALID;
     61       break;
     62   }
     63 
     64   // Save the verified chain.
     65   if (!verified_chain.empty()) {
     66     std::vector<base::StringPiece> verified_chain_pieces(verified_chain.size());
     67     for (size_t i = 0; i < verified_chain.size(); i++) {
     68       verified_chain_pieces[i] = base::StringPiece(verified_chain[i]);
     69     }
     70     scoped_refptr<X509Certificate> verified_cert =
     71         X509Certificate::CreateFromDERCertChain(verified_chain_pieces);
     72     if (verified_cert)
     73       verify_result->verified_cert = verified_cert;
     74   }
     75 
     76   // Extract the algorithm information from the certs
     77   X509Certificate::OSCertHandles chain;
     78   const X509Certificate::OSCertHandles& intermediates =
     79       verify_result->verified_cert->GetIntermediateCertificates();
     80   chain.push_back(verify_result->verified_cert->os_cert_handle());
     81   chain.insert(chain.end(), intermediates.begin(), intermediates.end());
     82 
     83   // If the chain successfully verified, ignore the trust anchor (the last
     84   // certificate). Otherwise, assume the chain is partial. This is not entirely
     85   // correct, as a full chain may have been constructed and then failed to
     86   // validate. However, if that is the case, the more serious error will
     87   // override any SHA-1 considerations.
     88   size_t correction_for_root = (status == android::VERIFY_OK) ? 1 : 0;
     89   for (size_t i = 0; i < chain.size() - correction_for_root; ++i) {
     90     int sig_alg = OBJ_obj2nid(chain[i]->sig_alg->algorithm);
     91     if (sig_alg == NID_md2WithRSAEncryption) {
     92       verify_result->has_md2 = true;
     93     } else if (sig_alg == NID_md4WithRSAEncryption) {
     94       verify_result->has_md4 = true;
     95     } else if (sig_alg == NID_md5WithRSAEncryption ||
     96                sig_alg == NID_md5WithRSA) {
     97       verify_result->has_md5 = true;
     98     } else if (sig_alg == NID_sha1WithRSAEncryption ||
     99                sig_alg == NID_dsaWithSHA || sig_alg == NID_dsaWithSHA1 ||
    100                sig_alg == NID_dsaWithSHA1_2 || sig_alg == NID_sha1WithRSA ||
    101                sig_alg == NID_ecdsa_with_SHA1) {
    102       verify_result->has_sha1 = true;
    103     }
    104   }
    105 
    106   // Extract the public key hashes.
    107   for (size_t i = 0; i < verified_chain.size(); i++) {
    108     base::StringPiece spki_bytes;
    109     if (!asn1::ExtractSPKIFromDERCert(verified_chain[i], &spki_bytes))
    110       continue;
    111 
    112     HashValue sha1(HASH_VALUE_SHA1);
    113     base::SHA1HashBytes(reinterpret_cast<const uint8*>(spki_bytes.data()),
    114                         spki_bytes.size(), sha1.data());
    115     verify_result->public_key_hashes.push_back(sha1);
    116 
    117     HashValue sha256(HASH_VALUE_SHA256);
    118     crypto::SHA256HashString(spki_bytes, sha256.data(), crypto::kSHA256Length);
    119     verify_result->public_key_hashes.push_back(sha256);
    120   }
    121 
    122   return true;
    123 }
    124 
    125 bool GetChainDEREncodedBytes(X509Certificate* cert,
    126                              std::vector<std::string>* chain_bytes) {
    127   X509Certificate::OSCertHandle cert_handle = cert->os_cert_handle();
    128   X509Certificate::OSCertHandles cert_handles =
    129       cert->GetIntermediateCertificates();
    130 
    131   // Make sure the peer's own cert is the first in the chain, if it's not
    132   // already there.
    133   if (cert_handles.empty() || cert_handles[0] != cert_handle)
    134     cert_handles.insert(cert_handles.begin(), cert_handle);
    135 
    136   chain_bytes->reserve(cert_handles.size());
    137   for (X509Certificate::OSCertHandles::const_iterator it =
    138        cert_handles.begin(); it != cert_handles.end(); ++it) {
    139     std::string cert_bytes;
    140     if(!X509Certificate::GetDEREncoded(*it, &cert_bytes))
    141       return false;
    142     chain_bytes->push_back(cert_bytes);
    143   }
    144   return true;
    145 }
    146 
    147 }  // namespace
    148 
    149 CertVerifyProcAndroid::CertVerifyProcAndroid() {}
    150 
    151 CertVerifyProcAndroid::~CertVerifyProcAndroid() {}
    152 
    153 bool CertVerifyProcAndroid::SupportsAdditionalTrustAnchors() const {
    154   return false;
    155 }
    156 
    157 int CertVerifyProcAndroid::VerifyInternal(
    158     X509Certificate* cert,
    159     const std::string& hostname,
    160     int flags,
    161     CRLSet* crl_set,
    162     const CertificateList& additional_trust_anchors,
    163     CertVerifyResult* verify_result) {
    164   if (!cert->VerifyNameMatch(hostname,
    165                              &verify_result->common_name_fallback_used)) {
    166     verify_result->cert_status |= CERT_STATUS_COMMON_NAME_INVALID;
    167   }
    168 
    169   std::vector<std::string> cert_bytes;
    170   if (!GetChainDEREncodedBytes(cert, &cert_bytes))
    171     return ERR_CERT_INVALID;
    172   if (!VerifyFromAndroidTrustManager(cert_bytes, hostname, verify_result)) {
    173     NOTREACHED();
    174     return ERR_FAILED;
    175   }
    176   if (IsCertStatusError(verify_result->cert_status))
    177     return MapCertStatusToNetError(verify_result->cert_status);
    178 
    179   return OK;
    180 }
    181 
    182 }  // namespace net
    183