RetroZilla/security/nss/lib/libpkix/pkix/checker/pkix_signaturechecker.c
2018-05-19 22:01:21 +08:00

444 lines
15 KiB
C

/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/*
* pkix_signaturechecker.c
*
* Functions for signature validation
*
*/
#include "pkix_signaturechecker.h"
/*
* FUNCTION: pkix_SignatureCheckerstate_Destroy
* (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
*/
static PKIX_Error *
pkix_SignatureCheckerState_Destroy(
PKIX_PL_Object *object,
void *plContext)
{
pkix_SignatureCheckerState *state = NULL;
PKIX_ENTER(SIGNATURECHECKERSTATE,
"pkix_SignatureCheckerState_Destroy");
PKIX_NULLCHECK_ONE(object);
/* Check that this object is a signature checker state */
PKIX_CHECK(pkix_CheckType
(object, PKIX_SIGNATURECHECKERSTATE_TYPE, plContext),
PKIX_OBJECTNOTSIGNATURECHECKERSTATE);
state = (pkix_SignatureCheckerState *) object;
state->prevCertCertSign = PKIX_FALSE;
PKIX_DECREF(state->prevPublicKey);
PKIX_DECREF(state->prevPublicKeyList);
PKIX_DECREF(state->keyUsageOID);
cleanup:
PKIX_RETURN(SIGNATURECHECKERSTATE);
}
/*
* FUNCTION: pkix_SignatureCheckerState_RegisterSelf
*
* DESCRIPTION:
* Registers PKIX_SIGNATURECHECKERSTATE_TYPE and its related functions
* with systemClasses[]
*
* THREAD SAFETY:
* Not Thread Safe (see Thread Safety Definitions in Programmer's Guide)
*
* Since this function is only called by PKIX_PL_Initialize, which should
* only be called once, it is acceptable that this function is not
* thread-safe.
*/
PKIX_Error *
pkix_SignatureCheckerState_RegisterSelf(void *plContext)
{
extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
pkix_ClassTable_Entry entry;
PKIX_ENTER(SIGNATURECHECKERSTATE,
"pkix_SignatureCheckerState_RegisterSelf");
entry.description = "SignatureCheckerState";
entry.objCounter = 0;
entry.typeObjectSize = sizeof(pkix_SignatureCheckerState);
entry.destructor = pkix_SignatureCheckerState_Destroy;
entry.equalsFunction = NULL;
entry.hashcodeFunction = NULL;
entry.toStringFunction = NULL;
entry.comparator = NULL;
entry.duplicateFunction = NULL;
systemClasses[PKIX_SIGNATURECHECKERSTATE_TYPE] = entry;
PKIX_RETURN(SIGNATURECHECKERSTATE);
}
/*
* FUNCTION: pkix_SignatureCheckerState_Create
*
* DESCRIPTION:
* Allocate and initialize SignatureChecker state data.
*
* PARAMETERS
* "trustedPubKey"
* Address of trusted Anchor Public Key for verifying first Cert in the
* chain. Must be non-NULL.
* "certsRemaining"
* Number of certificates remaining in the chain.
* "pCheckerState"
* Address where SignatureCheckerState will be stored. Must be non-NULL.
* "plContext"
* Platform-specific context pointer.
*
* THREAD SAFETY:
* Not Thread Safe (see Thread Safety Definitions in Programmer's Guide)
*
* RETURNS:
* Returns NULL if the function succeeds.
* Returns a SignatureCheckerState Error if the function fails in a
* non-fatal way.
* Returns a Fatal Error if the function fails in an unrecoverable way.
*/
static PKIX_Error *
pkix_SignatureCheckerState_Create(
PKIX_PL_PublicKey *trustedPubKey,
PKIX_UInt32 certsRemaining,
pkix_SignatureCheckerState **pCheckerState,
void *plContext)
{
pkix_SignatureCheckerState *state = NULL;
PKIX_PL_OID *keyUsageOID = NULL;
PKIX_ENTER(SIGNATURECHECKERSTATE, "pkix_SignatureCheckerState_Create");
PKIX_NULLCHECK_TWO(trustedPubKey, pCheckerState);
PKIX_CHECK(PKIX_PL_Object_Alloc
(PKIX_SIGNATURECHECKERSTATE_TYPE,
sizeof (pkix_SignatureCheckerState),
(PKIX_PL_Object **)&state,
plContext),
PKIX_COULDNOTCREATESIGNATURECHECKERSTATEOBJECT);
/* Initialize fields */
state->prevCertCertSign = PKIX_TRUE;
state->prevPublicKeyList = NULL;
state->certsRemaining = certsRemaining;
PKIX_INCREF(trustedPubKey);
state->prevPublicKey = trustedPubKey;
PKIX_CHECK(PKIX_PL_OID_Create
(PKIX_CERTKEYUSAGE_OID,
&keyUsageOID,
plContext),
PKIX_OIDCREATEFAILED);
state->keyUsageOID = keyUsageOID;
keyUsageOID = NULL;
*pCheckerState = state;
state = NULL;
cleanup:
PKIX_DECREF(keyUsageOID);
PKIX_DECREF(state);
PKIX_RETURN(SIGNATURECHECKERSTATE);
}
/* --Private-Functions-------------------------------------------- */
/*
* FUNCTION: pkix_SignatureChecker_Check
* (see comments for PKIX_CertChainChecker_CheckCallback in pkix_checker.h)
*/
PKIX_Error *
pkix_SignatureChecker_Check(
PKIX_CertChainChecker *checker,
PKIX_PL_Cert *cert,
PKIX_List *unresolvedCriticalExtensions,
void **pNBIOContext,
void *plContext)
{
pkix_SignatureCheckerState *state = NULL;
PKIX_PL_PublicKey *prevPubKey = NULL;
PKIX_PL_PublicKey *currPubKey = NULL;
PKIX_PL_PublicKey *newPubKey = NULL;
PKIX_PL_PublicKey *pKey = NULL;
PKIX_PL_CertBasicConstraints *basicConstraints = NULL;
PKIX_Error *checkKeyUsageFail = NULL;
PKIX_Error *verifyFail = NULL;
PKIX_Boolean certVerified = PKIX_FALSE;
PKIX_ENTER(CERTCHAINCHECKER, "pkix_SignatureChecker_Check");
PKIX_NULLCHECK_THREE(checker, cert, pNBIOContext);
*pNBIOContext = NULL; /* we never block on pending I/O */
PKIX_CHECK(PKIX_CertChainChecker_GetCertChainCheckerState
(checker, (PKIX_PL_Object **)&state, plContext),
PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED);
(state->certsRemaining)--;
PKIX_INCREF(state->prevPublicKey);
prevPubKey = state->prevPublicKey;
/*
* Previous Cert doesn't have CertSign bit on for signature
* verification and it is not a self-issued Cert so there is no
* old key saved. This is considered error.
*/
if (state->prevCertCertSign == PKIX_FALSE &&
state->prevPublicKeyList == NULL) {
PKIX_ERROR(PKIX_KEYUSAGEKEYCERTSIGNBITNOTON);
}
/* Previous Cert is valid for signature verification, try it first */
if (state->prevCertCertSign == PKIX_TRUE) {
verifyFail = PKIX_PL_Cert_VerifySignature
(cert, prevPubKey, plContext);
if (verifyFail == NULL) {
certVerified = PKIX_TRUE;
} else {
certVerified = PKIX_FALSE;
}
}
#ifdef NIST_TEST_4_5_4_AND_4_5_6
/*
* Following codes under this compiler flag is implemented for
* special cases of NIST tests 4.5.4 and 4.5.6. We are not sure
* we should handle these two tests as what is implemented so the
* codes are commented out, and the tests fails (for now).
* For Cert chain validation, our assumption is all the Certs on
* the chain are using its previous Cert's public key to decode
* its current key. But for thses two tests, keys are used not
* in this precedent order, we can either
* 1) Use what is implemented here: take in what Cert order NIST
* specified and for continuous self-issued Certs, stacking up
* their keys and tries all of them in FILO order.
* But this method breaks the idea of chain key presdency.
* 2) Use Build Chain facility: we will specify the valid Certs
* order (means key precedency is kept) and count on Build Chain
* to get the Certs that can fill for the needed keys. This may have
* performance impact.
* 3) Fetch Certs from CertStore: we will specifiy the valid Certs
* order and use CertSelector on SubjectName to get a list of
* candidates Certs to fill in for the needed keys.
* Anyhow, the codes are kept around just in case we want to use
* solution one...
*/
/* If failed and previous key is self-issued, try its old key(s) */
if (certVerified == PKIX_FALSE && state->prevPublicKeyList != NULL) {
/* Verify from keys on the list */
PKIX_CHECK(PKIX_List_GetLength
(state->prevPublicKeyList, &numKeys, plContext),
PKIX_LISTGETLENGTHFAILED);
for (i = numKeys - 1; i >= 0; i--) {
PKIX_CHECK(PKIX_List_GetItem
(state->prevPublicKeyList,
i,
(PKIX_PL_Object **) &pKey,
plContext),
PKIX_LISTGETITEMFAILED);
PKIX_DECREF(verifyFail);
verifyFail = PKIX_PL_Cert_VerifySignature
(cert, pKey, plContext);
if (verifyFail == NULL) {
certVerified = PKIX_TRUE;
break;
} else {
certVerified = PKIX_FALSE;
}
PKIX_DECREF(pKey);
}
}
#endif
if (certVerified == PKIX_FALSE) {
pkixErrorResult = verifyFail;
verifyFail = NULL;
PKIX_ERROR(PKIX_VALIDATIONFAILEDCERTSIGNATURECHECKING);
}
#ifdef NIST_TEST_4_5_4_AND_4_5_6
/*
* Check if Cert is self-issued. If so, the old key(s) is saved, in
* conjunction to the new key, for verifying CERT validity later.
*/
PKIX_CHECK(pkix_IsCertSelfIssued(cert, &selfIssued, plContext),
PKIX_ISCERTSELFISSUEFAILED);
/*
* Check if Cert is self-issued. If so, the public key of the Cert
* that issues this Cert (old key) can be used together with this
* current key (new key) for key verification. If there are multiple
* self-issued certs, keys of those Certs (old keys) can also be used
* for key verification. Old key(s) is saved in a list (PrevPublickKey-
* List) and cleared when a Cert is no longer self-issued. PrevPublic-
* Key keep key of the previous Cert.
*/
if (selfIssued == PKIX_TRUE) {
/* Make sure previous Cert is valid for signature verification */
if (state->prevCertCertSign == PKIX_TRUE) {
if (state->prevPublicKeyList == NULL) {
PKIX_CHECK(PKIX_List_Create
(&state->prevPublicKeyList, plContext),
PKIX_LISTCREATEFALIED);
}
PKIX_CHECK(PKIX_List_AppendItem
(state->prevPublicKeyList,
(PKIX_PL_Object *) state->prevPublicKey,
plContext),
PKIX_LISTAPPENDITEMFAILED);
}
} else {
/* Not self-issued Cert any more, clear old key(s) saved */
PKIX_DECREF(state->prevPublicKeyList);
}
#endif
/* Save current key as prevPublicKey */
PKIX_CHECK(PKIX_PL_Cert_GetSubjectPublicKey
(cert, &currPubKey, plContext),
PKIX_CERTGETSUBJECTPUBLICKEYFAILED);
PKIX_CHECK(PKIX_PL_PublicKey_MakeInheritedDSAPublicKey
(currPubKey, prevPubKey, &newPubKey, plContext),
PKIX_PUBLICKEYMAKEINHERITEDDSAPUBLICKEYFAILED);
if (newPubKey == NULL){
PKIX_INCREF(currPubKey);
newPubKey = currPubKey;
}
PKIX_INCREF(newPubKey);
PKIX_DECREF(state->prevPublicKey);
state->prevPublicKey = newPubKey;
/* Save this Cert key usage CertSign bit */
if (state->certsRemaining != 0) {
checkKeyUsageFail = PKIX_PL_Cert_VerifyKeyUsage
(cert, PKIX_KEY_CERT_SIGN, plContext);
state->prevCertCertSign = (checkKeyUsageFail == NULL)?
PKIX_TRUE:PKIX_FALSE;
PKIX_DECREF(checkKeyUsageFail);
}
/* Remove Key Usage Extension OID from list */
if (unresolvedCriticalExtensions != NULL) {
PKIX_CHECK(pkix_List_Remove
(unresolvedCriticalExtensions,
(PKIX_PL_Object *) state->keyUsageOID,
plContext),
PKIX_LISTREMOVEFAILED);
}
PKIX_CHECK(PKIX_CertChainChecker_SetCertChainCheckerState
(checker, (PKIX_PL_Object *)state, plContext),
PKIX_CERTCHAINCHECKERSETCERTCHAINCHECKERSTATEFAILED);
cleanup:
PKIX_DECREF(state);
PKIX_DECREF(pKey);
PKIX_DECREF(prevPubKey);
PKIX_DECREF(currPubKey);
PKIX_DECREF(newPubKey);
PKIX_DECREF(basicConstraints);
PKIX_DECREF(verifyFail);
PKIX_DECREF(checkKeyUsageFail);
PKIX_RETURN(CERTCHAINCHECKER);
}
/*
* FUNCTION: pkix_SignatureChecker_Initialize
* DESCRIPTION:
*
* Creates a new CertChainChecker and stores it at "pChecker", where it will
* be used by pkix_SignatureChecker_Check to check that the public key in
* the checker's state is able to successfully validate the certificate's
* signature. The PublicKey pointed to by "trustedPubKey" is used to
* initialize the checker's state.
*
* PARAMETERS:
* "trustedPubKey"
* Address of PublicKey representing the trusted public key used to
* initialize the state of this checker. Must be non-NULL.
* "certsRemaining"
* Number of certificates remaining in the chain.
* "pChecker"
* Address where object pointer will be stored. Must be non-NULL.
* "plContext"
* Platform-specific context pointer.
* THREAD SAFETY:
* Thread Safe (see Thread Safety Definitions in Programmer's Guide)
* RETURNS:
* Returns NULL if the function succeeds.
* Returns a CertChainChecker Error if the function fails in a non-fatal way.
* Returns a Fatal Error if the function fails in an unrecoverable way.
*/
PKIX_Error *
pkix_SignatureChecker_Initialize(
PKIX_PL_PublicKey *trustedPubKey,
PKIX_UInt32 certsRemaining,
PKIX_CertChainChecker **pChecker,
void *plContext)
{
pkix_SignatureCheckerState* state = NULL;
PKIX_ENTER(CERTCHAINCHECKER, "PKIX_SignatureChecker_Initialize");
PKIX_NULLCHECK_TWO(pChecker, trustedPubKey);
PKIX_CHECK(pkix_SignatureCheckerState_Create
(trustedPubKey, certsRemaining, &state, plContext),
PKIX_SIGNATURECHECKERSTATECREATEFAILED);
PKIX_CHECK(PKIX_CertChainChecker_Create
(pkix_SignatureChecker_Check,
PKIX_FALSE,
PKIX_FALSE,
NULL,
(PKIX_PL_Object *) state,
pChecker,
plContext),
PKIX_CERTCHAINCHECKERCREATEFAILED);
cleanup:
PKIX_DECREF(state);
PKIX_RETURN(CERTCHAINCHECKER);
}