/security/nss/lib/libpkix/pkix/checker/pkix_signaturechecker.c
C | 475 lines | 231 code | 75 blank | 169 comment | 32 complexity | f0bd32d85db3787f5f42f7c03d080d51 MD5 | raw file
1/* ***** BEGIN LICENSE BLOCK ***** 2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 3 * 4 * The contents of this file are subject to the Mozilla Public License Version 5 * 1.1 (the "License"); you may not use this file except in compliance with 6 * the License. You may obtain a copy of the License at 7 * http://www.mozilla.org/MPL/ 8 * 9 * Software distributed under the License is distributed on an "AS IS" basis, 10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License 11 * for the specific language governing rights and limitations under the 12 * License. 13 * 14 * The Original Code is the PKIX-C library. 15 * 16 * The Initial Developer of the Original Code is 17 * Sun Microsystems, Inc. 18 * Portions created by the Initial Developer are 19 * Copyright 2004-2007 Sun Microsystems, Inc. All Rights Reserved. 20 * 21 * Contributor(s): 22 * Sun Microsystems, Inc. 23 * 24 * Alternatively, the contents of this file may be used under the terms of 25 * either the GNU General Public License Version 2 or later (the "GPL"), or 26 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), 27 * in which case the provisions of the GPL or the LGPL are applicable instead 28 * of those above. If you wish to allow use of your version of this file only 29 * under the terms of either the GPL or the LGPL, and not to allow others to 30 * use your version of this file under the terms of the MPL, indicate your 31 * decision by deleting the provisions above and replace them with the notice 32 * and other provisions required by the GPL or the LGPL. If you do not delete 33 * the provisions above, a recipient may use your version of this file under 34 * the terms of any one of the MPL, the GPL or the LGPL. 35 * 36 * ***** END LICENSE BLOCK ***** */ 37/* 38 * pkix_signaturechecker.c 39 * 40 * Functions for signature validation 41 * 42 */ 43 44#include "pkix_signaturechecker.h" 45 46/* 47 * FUNCTION: pkix_SignatureCheckerstate_Destroy 48 * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h) 49 */ 50static PKIX_Error * 51pkix_SignatureCheckerState_Destroy( 52 PKIX_PL_Object *object, 53 void *plContext) 54{ 55 pkix_SignatureCheckerState *state = NULL; 56 57 PKIX_ENTER(SIGNATURECHECKERSTATE, 58 "pkix_SignatureCheckerState_Destroy"); 59 PKIX_NULLCHECK_ONE(object); 60 61 /* Check that this object is a signature checker state */ 62 PKIX_CHECK(pkix_CheckType 63 (object, PKIX_SIGNATURECHECKERSTATE_TYPE, plContext), 64 PKIX_OBJECTNOTSIGNATURECHECKERSTATE); 65 66 state = (pkix_SignatureCheckerState *) object; 67 68 state->prevCertCertSign = PKIX_FALSE; 69 70 PKIX_DECREF(state->prevPublicKey); 71 PKIX_DECREF(state->prevPublicKeyList); 72 PKIX_DECREF(state->keyUsageOID); 73 74cleanup: 75 76 PKIX_RETURN(SIGNATURECHECKERSTATE); 77} 78 79/* 80 * FUNCTION: pkix_SignatureCheckerState_RegisterSelf 81 * 82 * DESCRIPTION: 83 * Registers PKIX_SIGNATURECHECKERSTATE_TYPE and its related functions 84 * with systemClasses[] 85 * 86 * THREAD SAFETY: 87 * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide) 88 * 89 * Since this function is only called by PKIX_PL_Initialize, which should 90 * only be called once, it is acceptable that this function is not 91 * thread-safe. 92 */ 93PKIX_Error * 94pkix_SignatureCheckerState_RegisterSelf(void *plContext) 95{ 96 extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES]; 97 pkix_ClassTable_Entry entry; 98 99 PKIX_ENTER(SIGNATURECHECKERSTATE, 100 "pkix_SignatureCheckerState_RegisterSelf"); 101 102 entry.description = "SignatureCheckerState"; 103 entry.objCounter = 0; 104 entry.typeObjectSize = sizeof(pkix_SignatureCheckerState); 105 entry.destructor = pkix_SignatureCheckerState_Destroy; 106 entry.equalsFunction = NULL; 107 entry.hashcodeFunction = NULL; 108 entry.toStringFunction = NULL; 109 entry.comparator = NULL; 110 entry.duplicateFunction = NULL; 111 112 systemClasses[PKIX_SIGNATURECHECKERSTATE_TYPE] = entry; 113 114 PKIX_RETURN(SIGNATURECHECKERSTATE); 115} 116 117/* 118 * FUNCTION: pkix_SignatureCheckerState_Create 119 * 120 * DESCRIPTION: 121 * Allocate and initialize SignatureChecker state data. 122 * 123 * PARAMETERS 124 * "trustedPubKey" 125 * Address of trusted Anchor Public Key for verifying first Cert in the 126 * chain. Must be non-NULL. 127 * "certsRemaining" 128 * Number of certificates remaining in the chain. 129 * "pCheckerState" 130 * Address where SignatureCheckerState will be stored. Must be non-NULL. 131 * "plContext" 132 * Platform-specific context pointer. 133 * 134 * THREAD SAFETY: 135 * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide) 136 * 137 * RETURNS: 138 * Returns NULL if the function succeeds. 139 * Returns a SignatureCheckerState Error if the function fails in a 140 * non-fatal way. 141 * Returns a Fatal Error if the function fails in an unrecoverable way. 142 */ 143static PKIX_Error * 144pkix_SignatureCheckerState_Create( 145 PKIX_PL_PublicKey *trustedPubKey, 146 PKIX_UInt32 certsRemaining, 147 pkix_SignatureCheckerState **pCheckerState, 148 void *plContext) 149{ 150 pkix_SignatureCheckerState *state = NULL; 151 PKIX_PL_OID *keyUsageOID = NULL; 152 153 PKIX_ENTER(SIGNATURECHECKERSTATE, "pkix_SignatureCheckerState_Create"); 154 PKIX_NULLCHECK_TWO(trustedPubKey, pCheckerState); 155 156 PKIX_CHECK(PKIX_PL_Object_Alloc 157 (PKIX_SIGNATURECHECKERSTATE_TYPE, 158 sizeof (pkix_SignatureCheckerState), 159 (PKIX_PL_Object **)&state, 160 plContext), 161 PKIX_COULDNOTCREATESIGNATURECHECKERSTATEOBJECT); 162 163 /* Initialize fields */ 164 165 state->prevCertCertSign = PKIX_TRUE; 166 state->prevPublicKeyList = NULL; 167 state->certsRemaining = certsRemaining; 168 169 PKIX_INCREF(trustedPubKey); 170 state->prevPublicKey = trustedPubKey; 171 172 PKIX_CHECK(PKIX_PL_OID_Create 173 (PKIX_CERTKEYUSAGE_OID, 174 &keyUsageOID, 175 plContext), 176 PKIX_OIDCREATEFAILED); 177 178 state->keyUsageOID = keyUsageOID; 179 keyUsageOID = NULL; 180 181 *pCheckerState = state; 182 state = NULL; 183 184cleanup: 185 186 PKIX_DECREF(keyUsageOID); 187 PKIX_DECREF(state); 188 189 PKIX_RETURN(SIGNATURECHECKERSTATE); 190} 191 192/* --Private-Functions-------------------------------------------- */ 193 194/* 195 * FUNCTION: pkix_SignatureChecker_Check 196 * (see comments for PKIX_CertChainChecker_CheckCallback in pkix_checker.h) 197 */ 198PKIX_Error * 199pkix_SignatureChecker_Check( 200 PKIX_CertChainChecker *checker, 201 PKIX_PL_Cert *cert, 202 PKIX_List *unresolvedCriticalExtensions, 203 void **pNBIOContext, 204 void *plContext) 205{ 206 pkix_SignatureCheckerState *state = NULL; 207 PKIX_PL_PublicKey *prevPubKey = NULL; 208 PKIX_PL_PublicKey *currPubKey = NULL; 209 PKIX_PL_PublicKey *newPubKey = NULL; 210 PKIX_PL_PublicKey *pKey = NULL; 211 PKIX_PL_CertBasicConstraints *basicConstraints = NULL; 212 PKIX_Error *checkKeyUsageFail = NULL; 213 PKIX_Error *verifyFail = NULL; 214 PKIX_Boolean certVerified = PKIX_FALSE; 215 216 PKIX_ENTER(CERTCHAINCHECKER, "pkix_SignatureChecker_Check"); 217 PKIX_NULLCHECK_THREE(checker, cert, pNBIOContext); 218 219 *pNBIOContext = NULL; /* we never block on pending I/O */ 220 221 PKIX_CHECK(PKIX_CertChainChecker_GetCertChainCheckerState 222 (checker, (PKIX_PL_Object **)&state, plContext), 223 PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED); 224 225 (state->certsRemaining)--; 226 227 PKIX_INCREF(state->prevPublicKey); 228 prevPubKey = state->prevPublicKey; 229 230 /* 231 * Previous Cert doesn't have CertSign bit on for signature 232 * verification and it is not a self-issued Cert so there is no 233 * old key saved. This is considered error. 234 */ 235 if (state->prevCertCertSign == PKIX_FALSE && 236 state->prevPublicKeyList == NULL) { 237 PKIX_ERROR(PKIX_KEYUSAGEKEYCERTSIGNBITNOTON); 238 } 239 240 /* Previous Cert is valid for signature verification, try it first */ 241 if (state->prevCertCertSign == PKIX_TRUE) { 242 verifyFail = PKIX_PL_Cert_VerifySignature 243 (cert, prevPubKey, plContext); 244 if (verifyFail == NULL) { 245 certVerified = PKIX_TRUE; 246 } else { 247 certVerified = PKIX_FALSE; 248 PKIX_DECREF(verifyFail); 249 } 250 } 251 252#ifdef NIST_TEST_4_5_4_AND_4_5_6 253 254 /* 255 * Following codes under this compiler flag is implemented for 256 * special cases of NIST tests 4.5.4 and 4.5.6. We are not sure 257 * we should handle these two tests as what is implemented so the 258 * codes are commented out, and the tests fails (for now). 259 * For Cert chain validation, our assumption is all the Certs on 260 * the chain are using its previous Cert's public key to decode 261 * its current key. But for thses two tests, keys are used not 262 * in this precedent order, we can either 263 * 1) Use what is implemented here: take in what Cert order NIST 264 * specified and for continuous self-issued Certs, stacking up 265 * their keys and tries all of them in FILO order. 266 * But this method breaks the idea of chain key presdency. 267 * 2) Use Build Chain facility: we will specify the valid Certs 268 * order (means key precedency is kept) and count on Build Chain 269 * to get the Certs that can fill for the needed keys. This may have 270 * performance impact. 271 * 3) Fetch Certs from CertStore: we will specifiy the valid Certs 272 * order and use CertSelector on SubjectName to get a list of 273 * candidates Certs to fill in for the needed keys. 274 * Anyhow, the codes are kept around just in case we want to use 275 * solution one... 276 */ 277 278 /* If failed and previous key is self-issued, try its old key(s) */ 279 if (certVerified == PKIX_FALSE && state->prevPublicKeyList != NULL) { 280 281 /* Verify from keys on the list */ 282 PKIX_CHECK(PKIX_List_GetLength 283 (state->prevPublicKeyList, &numKeys, plContext), 284 PKIX_LISTGETLENGTHFAILED); 285 286 for (i = numKeys - 1; i >= 0; i--) { 287 288 PKIX_CHECK(PKIX_List_GetItem 289 (state->prevPublicKeyList, 290 i, 291 (PKIX_PL_Object **) &pKey, 292 plContext), 293 PKIX_LISTGETITEMFAILED); 294 295 verifyFail = PKIX_PL_Cert_VerifySignature 296 (cert, pKey, plContext); 297 298 if (verifyFail == NULL) { 299 certVerified = PKIX_TRUE; 300 break; 301 } else { 302 certVerified = PKIX_FALSE; 303 PKIX_DECREF(verifyFail); 304 } 305 306 PKIX_DECREF(pKey); 307 } 308 } 309#endif 310 311 if (certVerified == PKIX_FALSE) { 312 PKIX_ERROR(PKIX_VALIDATIONFAILEDCERTSIGNATURECHECKING); 313 } 314 315#ifdef NIST_TEST_4_5_4_AND_4_5_6 316 /* 317 * Check if Cert is self-issued. If so, the old key(s) is saved, in 318 * conjunction to the new key, for verifying CERT validity later. 319 */ 320 PKIX_CHECK(pkix_IsCertSelfIssued(cert, &selfIssued, plContext), 321 PKIX_ISCERTSELFISSUEFAILED); 322 323 /* 324 * Check if Cert is self-issued. If so, the public key of the Cert 325 * that issues this Cert (old key) can be used together with this 326 * current key (new key) for key verification. If there are multiple 327 * self-issued certs, keys of those Certs (old keys) can also be used 328 * for key verification. Old key(s) is saved in a list (PrevPublickKey- 329 * List) and cleared when a Cert is no longer self-issued. PrevPublic- 330 * Key keep key of the previous Cert. 331 */ 332 if (selfIssued == PKIX_TRUE) { 333 334 /* Make sure previous Cert is valid for signature verification */ 335 if (state->prevCertCertSign == PKIX_TRUE) { 336 337 if (state->prevPublicKeyList == NULL) { 338 339 PKIX_CHECK(PKIX_List_Create 340 (&state->prevPublicKeyList, plContext), 341 PKIX_LISTCREATEFALIED); 342 343 } 344 345 PKIX_CHECK(PKIX_List_AppendItem 346 (state->prevPublicKeyList, 347 (PKIX_PL_Object *) state->prevPublicKey, 348 plContext), 349 PKIX_LISTAPPENDITEMFAILED); 350 } 351 352 } else { 353 /* Not self-issued Cert any more, clear old key(s) saved */ 354 PKIX_DECREF(state->prevPublicKeyList); 355 } 356#endif 357 358 /* Save current key as prevPublicKey */ 359 PKIX_CHECK(PKIX_PL_Cert_GetSubjectPublicKey 360 (cert, &currPubKey, plContext), 361 PKIX_CERTGETSUBJECTPUBLICKEYFAILED); 362 363 PKIX_CHECK(PKIX_PL_PublicKey_MakeInheritedDSAPublicKey 364 (currPubKey, prevPubKey, &newPubKey, plContext), 365 PKIX_PUBLICKEYMAKEINHERITEDDSAPUBLICKEYFAILED); 366 367 if (newPubKey == NULL){ 368 PKIX_INCREF(currPubKey); 369 newPubKey = currPubKey; 370 } 371 372 PKIX_INCREF(newPubKey); 373 PKIX_DECREF(state->prevPublicKey); 374 375 state->prevPublicKey = newPubKey; 376 377 /* Save this Cert key usage CertSign bit */ 378 if (state->certsRemaining != 0) { 379 checkKeyUsageFail = PKIX_PL_Cert_VerifyKeyUsage 380 (cert, PKIX_KEY_CERT_SIGN, plContext); 381 382 state->prevCertCertSign = (checkKeyUsageFail == NULL)? 383 PKIX_TRUE:PKIX_FALSE; 384 385 PKIX_DECREF(checkKeyUsageFail); 386 } 387 388 /* Remove Key Usage Extension OID from list */ 389 if (unresolvedCriticalExtensions != NULL) { 390 391 PKIX_CHECK(pkix_List_Remove 392 (unresolvedCriticalExtensions, 393 (PKIX_PL_Object *) state->keyUsageOID, 394 plContext), 395 PKIX_LISTREMOVEFAILED); 396 } 397 398 PKIX_CHECK(PKIX_CertChainChecker_SetCertChainCheckerState 399 (checker, (PKIX_PL_Object *)state, plContext), 400 PKIX_CERTCHAINCHECKERSETCERTCHAINCHECKERSTATEFAILED); 401 402cleanup: 403 404 PKIX_DECREF(state); 405 PKIX_DECREF(pKey); 406 PKIX_DECREF(prevPubKey); 407 PKIX_DECREF(currPubKey); 408 PKIX_DECREF(newPubKey); 409 PKIX_DECREF(basicConstraints); 410 PKIX_DECREF(verifyFail); 411 PKIX_DECREF(checkKeyUsageFail); 412 413 PKIX_RETURN(CERTCHAINCHECKER); 414 415} 416 417/* 418 * FUNCTION: pkix_SignatureChecker_Initialize 419 * DESCRIPTION: 420 * 421 * Creates a new CertChainChecker and stores it at "pChecker", where it will 422 * be used by pkix_SignatureChecker_Check to check that the public key in 423 * the checker's state is able to successfully validate the certificate's 424 * signature. The PublicKey pointed to by "trustedPubKey" is used to 425 * initialize the checker's state. 426 * 427 * PARAMETERS: 428 * "trustedPubKey" 429 * Address of PublicKey representing the trusted public key used to 430 * initialize the state of this checker. Must be non-NULL. 431 * "certsRemaining" 432 * Number of certificates remaining in the chain. 433 * "pChecker" 434 * Address where object pointer will be stored. Must be non-NULL. 435 * "plContext" 436 * Platform-specific context pointer. 437 * THREAD SAFETY: 438 * Thread Safe (see Thread Safety Definitions in Programmer's Guide) 439 * RETURNS: 440 * Returns NULL if the function succeeds. 441 * Returns a CertChainChecker Error if the function fails in a non-fatal way. 442 * Returns a Fatal Error if the function fails in an unrecoverable way. 443 */ 444PKIX_Error * 445pkix_SignatureChecker_Initialize( 446 PKIX_PL_PublicKey *trustedPubKey, 447 PKIX_UInt32 certsRemaining, 448 PKIX_CertChainChecker **pChecker, 449 void *plContext) 450{ 451 pkix_SignatureCheckerState* state = NULL; 452 PKIX_ENTER(CERTCHAINCHECKER, "PKIX_SignatureChecker_Initialize"); 453 PKIX_NULLCHECK_TWO(pChecker, trustedPubKey); 454 455 PKIX_CHECK(pkix_SignatureCheckerState_Create 456 (trustedPubKey, certsRemaining, &state, plContext), 457 PKIX_SIGNATURECHECKERSTATECREATEFAILED); 458 459 PKIX_CHECK(PKIX_CertChainChecker_Create 460 (pkix_SignatureChecker_Check, 461 PKIX_FALSE, 462 PKIX_FALSE, 463 NULL, 464 (PKIX_PL_Object *) state, 465 pChecker, 466 plContext), 467 PKIX_CERTCHAINCHECKERCREATEFAILED); 468 469cleanup: 470 471 PKIX_DECREF(state); 472 473 PKIX_RETURN(CERTCHAINCHECKER); 474 475}