This source file includes following definitions.
- NetErrorFromOSStatus
- CertStatusFromOSStatus
- CreateTrustPolicies
- GetCertChainInfo
- AppendPublicKeyHashes
- CheckRevocationWithCRLSet
- IsIssuedByKnownRoot
- BuildAndEvaluateSecTrustRef
- IsBadBaltimoreGTECertificate
- RetrySecTrustEvaluateWithAdjustedChain
- SupportsAdditionalTrustAnchors
- VerifyInternal
#include "net/cert/cert_verify_proc_mac.h"
#include <CommonCrypto/CommonDigest.h>
#include <CoreServices/CoreServices.h>
#include <Security/Security.h>
#include <string>
#include <vector>
#include "base/logging.h"
#include "base/mac/mac_logging.h"
#include "base/mac/scoped_cftyperef.h"
#include "base/sha1.h"
#include "base/strings/string_piece.h"
#include "base/synchronization/lock.h"
#include "crypto/mac_security_services_lock.h"
#include "crypto/sha2.h"
#include "net/base/net_errors.h"
#include "net/cert/asn1_util.h"
#include "net/cert/cert_status_flags.h"
#include "net/cert/cert_verifier.h"
#include "net/cert/cert_verify_result.h"
#include "net/cert/crl_set.h"
#include "net/cert/test_root_certs.h"
#include "net/cert/x509_certificate.h"
#include "net/cert/x509_certificate_known_roots_mac.h"
#include "net/cert/x509_util_mac.h"
#ifndef kSecEVOrganizationName
#define kSecEVOrganizationName CFSTR("Organization")
#endif
using base::ScopedCFTypeRef;
namespace net {
namespace {
typedef OSStatus (*SecTrustCopyExtendedResultFuncPtr)(SecTrustRef,
CFDictionaryRef*);
int NetErrorFromOSStatus(OSStatus status) {
switch (status) {
case noErr:
return OK;
case errSecNotAvailable:
case errSecNoCertificateModule:
case errSecNoPolicyModule:
return ERR_NOT_IMPLEMENTED;
case errSecAuthFailed:
return ERR_ACCESS_DENIED;
default: {
OSSTATUS_LOG(ERROR, status) << "Unknown error mapped to ERR_FAILED";
return ERR_FAILED;
}
}
}
CertStatus CertStatusFromOSStatus(OSStatus status) {
switch (status) {
case noErr:
return 0;
case CSSMERR_TP_INVALID_ANCHOR_CERT:
case CSSMERR_TP_NOT_TRUSTED:
case CSSMERR_TP_INVALID_CERT_AUTHORITY:
return CERT_STATUS_AUTHORITY_INVALID;
case CSSMERR_TP_CERT_EXPIRED:
case CSSMERR_TP_CERT_NOT_VALID_YET:
return CERT_STATUS_DATE_INVALID;
case CSSMERR_TP_CERT_REVOKED:
case CSSMERR_TP_CERT_SUSPENDED:
return CERT_STATUS_REVOKED;
case CSSMERR_APPLETP_HOSTNAME_MISMATCH:
return CERT_STATUS_COMMON_NAME_INVALID;
case CSSMERR_APPLETP_CRL_NOT_FOUND:
case CSSMERR_APPLETP_OCSP_UNAVAILABLE:
case CSSMERR_APPLETP_INCOMPLETE_REVOCATION_CHECK:
return CERT_STATUS_NO_REVOCATION_MECHANISM;
case CSSMERR_APPLETP_CRL_EXPIRED:
case CSSMERR_APPLETP_CRL_NOT_VALID_YET:
case CSSMERR_APPLETP_CRL_SERVER_DOWN:
case CSSMERR_APPLETP_CRL_NOT_TRUSTED:
case CSSMERR_APPLETP_CRL_INVALID_ANCHOR_CERT:
case CSSMERR_APPLETP_CRL_POLICY_FAIL:
case CSSMERR_APPLETP_OCSP_BAD_RESPONSE:
case CSSMERR_APPLETP_OCSP_BAD_REQUEST:
case CSSMERR_APPLETP_OCSP_STATUS_UNRECOGNIZED:
case CSSMERR_APPLETP_NETWORK_FAILURE:
case CSSMERR_APPLETP_OCSP_NOT_TRUSTED:
case CSSMERR_APPLETP_OCSP_INVALID_ANCHOR_CERT:
case CSSMERR_APPLETP_OCSP_SIG_ERROR:
case CSSMERR_APPLETP_OCSP_NO_SIGNER:
case CSSMERR_APPLETP_OCSP_RESP_MALFORMED_REQ:
case CSSMERR_APPLETP_OCSP_RESP_INTERNAL_ERR:
case CSSMERR_APPLETP_OCSP_RESP_TRY_LATER:
case CSSMERR_APPLETP_OCSP_RESP_SIG_REQUIRED:
case CSSMERR_APPLETP_OCSP_RESP_UNAUTHORIZED:
case CSSMERR_APPLETP_OCSP_NONCE_MISMATCH:
return CERT_STATUS_UNABLE_TO_CHECK_REVOCATION;
case CSSMERR_APPLETP_SSL_BAD_EXT_KEY_USE:
return CERT_STATUS_INVALID;
case CSSMERR_APPLETP_CRL_BAD_URI:
case CSSMERR_APPLETP_IDP_FAIL:
return CERT_STATUS_INVALID;
case CSSMERR_CSP_UNSUPPORTED_KEY_SIZE:
return CERT_STATUS_WEAK_KEY;
default: {
OSSTATUS_LOG(WARNING, status)
<< "Unknown error mapped to CERT_STATUS_INVALID";
return CERT_STATUS_INVALID;
}
}
}
OSStatus CreateTrustPolicies(const std::string& hostname,
int flags,
ScopedCFTypeRef<CFArrayRef>* policies) {
ScopedCFTypeRef<CFMutableArrayRef> local_policies(
CFArrayCreateMutable(kCFAllocatorDefault, 0, &kCFTypeArrayCallBacks));
if (!local_policies)
return memFullErr;
SecPolicyRef ssl_policy;
OSStatus status = x509_util::CreateSSLServerPolicy(hostname, &ssl_policy);
if (status)
return status;
CFArrayAppendValue(local_policies, ssl_policy);
CFRelease(ssl_policy);
status = x509_util::CreateRevocationPolicies(
(flags & CertVerifier::VERIFY_REV_CHECKING_ENABLED),
(flags & CertVerifier::VERIFY_REV_CHECKING_ENABLED_EV_ONLY),
local_policies);
if (status)
return status;
policies->reset(local_policies.release());
return noErr;
}
void GetCertChainInfo(CFArrayRef cert_chain,
CSSM_TP_APPLE_EVIDENCE_INFO* chain_info,
CertVerifyResult* verify_result) {
SecCertificateRef verified_cert = NULL;
std::vector<SecCertificateRef> verified_chain;
for (CFIndex i = 0, count = CFArrayGetCount(cert_chain); i < count; ++i) {
SecCertificateRef chain_cert = reinterpret_cast<SecCertificateRef>(
const_cast<void*>(CFArrayGetValueAtIndex(cert_chain, i)));
if (i == 0) {
verified_cert = chain_cert;
} else {
verified_chain.push_back(chain_cert);
}
if ((chain_info[i].StatusBits & CSSM_CERT_STATUS_IS_IN_ANCHORS) ||
(chain_info[i].StatusBits & CSSM_CERT_STATUS_IS_ROOT)) {
continue;
}
x509_util::CSSMCachedCertificate cached_cert;
OSStatus status = cached_cert.Init(chain_cert);
if (status)
continue;
x509_util::CSSMFieldValue signature_field;
status = cached_cert.GetField(&CSSMOID_X509V1SignatureAlgorithm,
&signature_field);
if (status || !signature_field.field())
continue;
const CSSM_X509_ALGORITHM_IDENTIFIER* sig_algorithm =
signature_field.GetAs<CSSM_X509_ALGORITHM_IDENTIFIER>();
if (!sig_algorithm)
continue;
const CSSM_OID* alg_oid = &sig_algorithm->algorithm;
if (CSSMOIDEqual(alg_oid, &CSSMOID_MD2WithRSA)) {
verify_result->has_md2 = true;
} else if (CSSMOIDEqual(alg_oid, &CSSMOID_MD4WithRSA)) {
verify_result->has_md4 = true;
} else if (CSSMOIDEqual(alg_oid, &CSSMOID_MD5WithRSA)) {
verify_result->has_md5 = true;
}
}
if (!verified_cert)
return;
verify_result->verified_cert =
X509Certificate::CreateFromHandle(verified_cert, verified_chain);
}
void AppendPublicKeyHashes(CFArrayRef chain,
HashValueVector* hashes) {
const CFIndex n = CFArrayGetCount(chain);
for (CFIndex i = 0; i < n; i++) {
SecCertificateRef cert = reinterpret_cast<SecCertificateRef>(
const_cast<void*>(CFArrayGetValueAtIndex(chain, i)));
CSSM_DATA cert_data;
OSStatus err = SecCertificateGetData(cert, &cert_data);
DCHECK_EQ(err, noErr);
base::StringPiece der_bytes(reinterpret_cast<const char*>(cert_data.Data),
cert_data.Length);
base::StringPiece spki_bytes;
if (!asn1::ExtractSPKIFromDERCert(der_bytes, &spki_bytes))
continue;
HashValue sha1(HASH_VALUE_SHA1);
CC_SHA1(spki_bytes.data(), spki_bytes.size(), sha1.data());
hashes->push_back(sha1);
HashValue sha256(HASH_VALUE_SHA256);
CC_SHA256(spki_bytes.data(), spki_bytes.size(), sha256.data());
hashes->push_back(sha256);
}
}
bool CheckRevocationWithCRLSet(CFArrayRef chain, CRLSet* crl_set) {
if (CFArrayGetCount(chain) == 0)
return true;
std::string issuer_spki_hash;
for (CFIndex i = CFArrayGetCount(chain) - 1; i >= 0; i--) {
SecCertificateRef cert = reinterpret_cast<SecCertificateRef>(
const_cast<void*>(CFArrayGetValueAtIndex(chain, i)));
CSSM_DATA cert_data;
OSStatus err = SecCertificateGetData(cert, &cert_data);
if (err != noErr) {
NOTREACHED();
continue;
}
base::StringPiece der_bytes(reinterpret_cast<const char*>(cert_data.Data),
cert_data.Length);
base::StringPiece spki;
if (!asn1::ExtractSPKIFromDERCert(der_bytes, &spki)) {
NOTREACHED();
continue;
}
const std::string spki_hash = crypto::SHA256HashString(spki);
x509_util::CSSMCachedCertificate cached_cert;
if (cached_cert.Init(cert) != CSSM_OK) {
NOTREACHED();
continue;
}
x509_util::CSSMFieldValue serial_number;
err = cached_cert.GetField(&CSSMOID_X509V1SerialNumber, &serial_number);
if (err || !serial_number.field()) {
NOTREACHED();
continue;
}
base::StringPiece serial(
reinterpret_cast<const char*>(serial_number.field()->Data),
serial_number.field()->Length);
CRLSet::Result result = crl_set->CheckSPKI(spki_hash);
if (result != CRLSet::REVOKED && !issuer_spki_hash.empty())
result = crl_set->CheckSerial(serial, issuer_spki_hash);
issuer_spki_hash = spki_hash;
switch (result) {
case CRLSet::REVOKED:
return false;
case CRLSet::UNKNOWN:
case CRLSet::GOOD:
continue;
default:
NOTREACHED();
return false;
}
}
return true;
}
bool IsIssuedByKnownRoot(CFArrayRef chain) {
int n = CFArrayGetCount(chain);
if (n < 1)
return false;
SecCertificateRef root_ref = reinterpret_cast<SecCertificateRef>(
const_cast<void*>(CFArrayGetValueAtIndex(chain, n - 1)));
SHA1HashValue hash = X509Certificate::CalculateFingerprint(root_ref);
return IsSHA1HashInSortedArray(
hash, &kKnownRootCertSHA1Hashes[0][0], sizeof(kKnownRootCertSHA1Hashes));
}
int BuildAndEvaluateSecTrustRef(CFArrayRef cert_array,
CFArrayRef trust_policies,
int flags,
ScopedCFTypeRef<SecTrustRef>* trust_ref,
SecTrustResultType* trust_result,
ScopedCFTypeRef<CFArrayRef>* verified_chain,
CSSM_TP_APPLE_EVIDENCE_INFO** chain_info) {
SecTrustRef tmp_trust = NULL;
OSStatus status = SecTrustCreateWithCertificates(cert_array, trust_policies,
&tmp_trust);
if (status)
return NetErrorFromOSStatus(status);
ScopedCFTypeRef<SecTrustRef> scoped_tmp_trust(tmp_trust);
if (TestRootCerts::HasInstance()) {
status = TestRootCerts::GetInstance()->FixupSecTrustRef(tmp_trust);
if (status)
return NetErrorFromOSStatus(status);
}
CSSM_APPLE_TP_ACTION_DATA tp_action_data;
memset(&tp_action_data, 0, sizeof(tp_action_data));
tp_action_data.Version = CSSM_APPLE_TP_ACTION_VERSION;
tp_action_data.ActionFlags = CSSM_TP_ACTION_FETCH_CERT_FROM_NET |
CSSM_TP_ACTION_TRUST_SETTINGS;
if (flags & CertVerifier::VERIFY_REV_CHECKING_ENABLED) {
tp_action_data.ActionFlags |= CSSM_TP_ACTION_REQUIRE_REV_PER_CERT;
}
CFDataRef action_data_ref =
CFDataCreateWithBytesNoCopy(kCFAllocatorDefault,
reinterpret_cast<UInt8*>(&tp_action_data),
sizeof(tp_action_data), kCFAllocatorNull);
if (!action_data_ref)
return ERR_OUT_OF_MEMORY;
ScopedCFTypeRef<CFDataRef> scoped_action_data_ref(action_data_ref);
status = SecTrustSetParameters(tmp_trust, CSSM_TP_ACTION_DEFAULT,
action_data_ref);
if (status)
return NetErrorFromOSStatus(status);
SecTrustResultType tmp_trust_result;
status = SecTrustEvaluate(tmp_trust, &tmp_trust_result);
if (status)
return NetErrorFromOSStatus(status);
CFArrayRef tmp_verified_chain = NULL;
CSSM_TP_APPLE_EVIDENCE_INFO* tmp_chain_info;
status = SecTrustGetResult(tmp_trust, &tmp_trust_result, &tmp_verified_chain,
&tmp_chain_info);
if (status)
return NetErrorFromOSStatus(status);
trust_ref->swap(scoped_tmp_trust);
*trust_result = tmp_trust_result;
verified_chain->reset(tmp_verified_chain);
*chain_info = tmp_chain_info;
return OK;
}
bool IsBadBaltimoreGTECertificate(SecCertificateRef cert) {
static const SHA1HashValue kBadBaltimoreHashNew =
{ { 0x4D, 0x34, 0xEA, 0x92, 0x76, 0x4B, 0x3A, 0x31, 0x49, 0x11,
0x99, 0x52, 0xF4, 0x19, 0x30, 0xCA, 0x11, 0x34, 0x83, 0x61 } };
static const SHA1HashValue kBadBaltimoreHashOld =
{ { 0x54, 0xD8, 0xCB, 0x49, 0x1F, 0xA1, 0x6D, 0xF8, 0x87, 0xDC,
0x94, 0xA9, 0x34, 0xCC, 0x83, 0x6B, 0xDA, 0xA8, 0xA3, 0x69 } };
SHA1HashValue fingerprint = X509Certificate::CalculateFingerprint(cert);
return fingerprint.Equals(kBadBaltimoreHashNew) ||
fingerprint.Equals(kBadBaltimoreHashOld);
}
void RetrySecTrustEvaluateWithAdjustedChain(
CFArrayRef cert_array,
CFArrayRef trust_policies,
int flags,
ScopedCFTypeRef<SecTrustRef>* trust_ref,
SecTrustResultType* trust_result,
ScopedCFTypeRef<CFArrayRef>* verified_chain,
CSSM_TP_APPLE_EVIDENCE_INFO** chain_info) {
CFIndex count = CFArrayGetCount(*verified_chain);
CFIndex slice_point = 0;
for (CFIndex i = 1; i < count; ++i) {
SecCertificateRef cert = reinterpret_cast<SecCertificateRef>(
const_cast<void*>(CFArrayGetValueAtIndex(*verified_chain, i)));
if (cert == NULL)
return;
if (IsBadBaltimoreGTECertificate(cert)) {
slice_point = i;
break;
}
}
if (slice_point == 0)
return;
ScopedCFTypeRef<CFMutableArrayRef> adjusted_cert_array(
CFArrayCreateMutable(NULL, 0, &kCFTypeArrayCallBacks));
CFArrayAppendArray(adjusted_cert_array, cert_array,
CFRangeMake(0, slice_point));
BuildAndEvaluateSecTrustRef(
adjusted_cert_array, trust_policies, flags, trust_ref, trust_result,
verified_chain, chain_info);
}
}
CertVerifyProcMac::CertVerifyProcMac() {}
CertVerifyProcMac::~CertVerifyProcMac() {}
bool CertVerifyProcMac::SupportsAdditionalTrustAnchors() const {
return false;
}
int CertVerifyProcMac::VerifyInternal(
X509Certificate* cert,
const std::string& hostname,
int flags,
CRLSet* crl_set,
const CertificateList& additional_trust_anchors,
CertVerifyResult* verify_result) {
ScopedCFTypeRef<CFArrayRef> trust_policies;
OSStatus status = CreateTrustPolicies(hostname, flags, &trust_policies);
if (status)
return NetErrorFromOSStatus(status);
ScopedCFTypeRef<CFArrayRef> cert_array(cert->CreateOSCertChainForCert());
base::AutoLock lock(crypto::GetMacSecurityServicesLock());
ScopedCFTypeRef<SecTrustRef> trust_ref;
SecTrustResultType trust_result = kSecTrustResultDeny;
ScopedCFTypeRef<CFArrayRef> completed_chain;
CSSM_TP_APPLE_EVIDENCE_INFO* chain_info = NULL;
int rv = BuildAndEvaluateSecTrustRef(
cert_array, trust_policies, flags, &trust_ref, &trust_result,
&completed_chain, &chain_info);
if (rv != OK)
return rv;
if (trust_result != kSecTrustResultUnspecified &&
trust_result != kSecTrustResultProceed) {
RetrySecTrustEvaluateWithAdjustedChain(
cert_array, trust_policies, flags, &trust_ref, &trust_result,
&completed_chain, &chain_info);
}
if (flags & CertVerifier::VERIFY_REV_CHECKING_ENABLED)
verify_result->cert_status |= CERT_STATUS_REV_CHECKING_ENABLED;
if (crl_set && !CheckRevocationWithCRLSet(completed_chain, crl_set))
verify_result->cert_status |= CERT_STATUS_REVOKED;
GetCertChainInfo(completed_chain, chain_info, verify_result);
bool policy_failed = false;
bool weak_key_or_signature_algorithm = false;
OSStatus cssm_result;
switch (trust_result) {
case kSecTrustResultUnspecified:
case kSecTrustResultProceed:
break;
case kSecTrustResultDeny:
verify_result->cert_status |= CERT_STATUS_AUTHORITY_INVALID;
break;
case kSecTrustResultRecoverableTrustFailure:
status = SecTrustGetCssmResultCode(trust_ref, &cssm_result);
if (status)
return NetErrorFromOSStatus(status);
if (cssm_result == CSSMERR_TP_VERIFY_ACTION_FAILED) {
policy_failed = true;
} else {
verify_result->cert_status |= CertStatusFromOSStatus(cssm_result);
}
for (CFIndex index = 0, chain_count = CFArrayGetCount(completed_chain);
index < chain_count; ++index) {
if (chain_info[index].StatusBits & CSSM_CERT_STATUS_EXPIRED ||
chain_info[index].StatusBits & CSSM_CERT_STATUS_NOT_VALID_YET)
verify_result->cert_status |= CERT_STATUS_DATE_INVALID;
if (!IsCertStatusError(verify_result->cert_status) &&
chain_info[index].NumStatusCodes == 0) {
LOG(WARNING) << "chain_info[" << index << "].NumStatusCodes is 0"
", chain_info[" << index << "].StatusBits is "
<< chain_info[index].StatusBits;
}
for (uint32 status_code_index = 0;
status_code_index < chain_info[index].NumStatusCodes;
++status_code_index) {
CertStatus mapped_status = 0;
if (policy_failed &&
chain_info[index].StatusCodes[status_code_index] ==
CSSMERR_TP_INVALID_CERTIFICATE) {
mapped_status = CERT_STATUS_WEAK_SIGNATURE_ALGORITHM;
weak_key_or_signature_algorithm = true;
} else {
mapped_status = CertStatusFromOSStatus(
chain_info[index].StatusCodes[status_code_index]);
if (mapped_status == CERT_STATUS_WEAK_KEY)
weak_key_or_signature_algorithm = true;
}
verify_result->cert_status |= mapped_status;
}
}
if (policy_failed && !weak_key_or_signature_algorithm) {
verify_result->cert_status |= CertStatusFromOSStatus(cssm_result);
}
if (!IsCertStatusError(verify_result->cert_status)) {
LOG(ERROR) << "cssm_result=" << cssm_result;
verify_result->cert_status |= CERT_STATUS_INVALID;
NOTREACHED();
}
break;
default:
status = SecTrustGetCssmResultCode(trust_ref, &cssm_result);
if (status)
return NetErrorFromOSStatus(status);
verify_result->cert_status |= CertStatusFromOSStatus(cssm_result);
if (!IsCertStatusError(verify_result->cert_status)) {
LOG(WARNING) << "trust_result=" << trust_result;
verify_result->cert_status |= CERT_STATUS_INVALID;
}
break;
}
verify_result->cert_status &= ~CERT_STATUS_COMMON_NAME_INVALID;
if (!cert->VerifyNameMatch(hostname,
&verify_result->common_name_fallback_used)) {
verify_result->cert_status |= CERT_STATUS_COMMON_NAME_INVALID;
}
verify_result->cert_status &= ~CERT_STATUS_NO_REVOCATION_MECHANISM;
AppendPublicKeyHashes(completed_chain, &verify_result->public_key_hashes);
verify_result->is_issued_by_known_root = IsIssuedByKnownRoot(completed_chain);
if (IsCertStatusError(verify_result->cert_status))
return MapCertStatusToNetError(verify_result->cert_status);
if (flags & CertVerifier::VERIFY_EV_CERT) {
CFBundleRef bundle =
CFBundleGetBundleWithIdentifier(CFSTR("com.apple.security"));
if (bundle) {
SecTrustCopyExtendedResultFuncPtr copy_extended_result =
reinterpret_cast<SecTrustCopyExtendedResultFuncPtr>(
CFBundleGetFunctionPointerForName(bundle,
CFSTR("SecTrustCopyExtendedResult")));
if (copy_extended_result) {
CFDictionaryRef ev_dict_temp = NULL;
status = copy_extended_result(trust_ref, &ev_dict_temp);
ScopedCFTypeRef<CFDictionaryRef> ev_dict(ev_dict_temp);
ev_dict_temp = NULL;
if (status == noErr && ev_dict) {
if (CFDictionaryContainsKey(ev_dict,
kSecEVOrganizationName)) {
verify_result->cert_status |= CERT_STATUS_IS_EV;
if (flags & CertVerifier::VERIFY_REV_CHECKING_ENABLED_EV_ONLY)
verify_result->cert_status |= CERT_STATUS_REV_CHECKING_ENABLED;
}
}
}
}
}
return OK;
}
}