PageRenderTime 34ms CodeModel.GetById 17ms app.highlight 13ms RepoModel.GetById 1ms app.codeStats 0ms

/security/nss/lib/libpkix/pkix/checker/pkix_signaturechecker.c

http://github.com/zpao/v8monkey
C | 475 lines | 231 code | 75 blank | 169 comment | 32 complexity | f0bd32d85db3787f5f42f7c03d080d51 MD5 | raw file
  1/* ***** BEGIN LICENSE BLOCK *****
  2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  3 *
  4 * The contents of this file are subject to the Mozilla Public License Version
  5 * 1.1 (the "License"); you may not use this file except in compliance with
  6 * the License. You may obtain a copy of the License at
  7 * http://www.mozilla.org/MPL/
  8 *
  9 * Software distributed under the License is distributed on an "AS IS" basis,
 10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
 11 * for the specific language governing rights and limitations under the
 12 * License.
 13 *
 14 * The Original Code is the PKIX-C library.
 15 *
 16 * The Initial Developer of the Original Code is
 17 * Sun Microsystems, Inc.
 18 * Portions created by the Initial Developer are
 19 * Copyright 2004-2007 Sun Microsystems, Inc.  All Rights Reserved.
 20 *
 21 * Contributor(s):
 22 *   Sun Microsystems, Inc.
 23 *
 24 * Alternatively, the contents of this file may be used under the terms of
 25 * either the GNU General Public License Version 2 or later (the "GPL"), or
 26 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
 27 * in which case the provisions of the GPL or the LGPL are applicable instead
 28 * of those above. If you wish to allow use of your version of this file only
 29 * under the terms of either the GPL or the LGPL, and not to allow others to
 30 * use your version of this file under the terms of the MPL, indicate your
 31 * decision by deleting the provisions above and replace them with the notice
 32 * and other provisions required by the GPL or the LGPL. If you do not delete
 33 * the provisions above, a recipient may use your version of this file under
 34 * the terms of any one of the MPL, the GPL or the LGPL.
 35 *
 36 * ***** END LICENSE BLOCK ***** */
 37/*
 38 * pkix_signaturechecker.c
 39 *
 40 * Functions for signature validation
 41 *
 42 */
 43
 44#include "pkix_signaturechecker.h"
 45
 46/*
 47 * FUNCTION: pkix_SignatureCheckerstate_Destroy
 48 * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
 49 */
 50static PKIX_Error *
 51pkix_SignatureCheckerState_Destroy(
 52        PKIX_PL_Object *object,
 53        void *plContext)
 54{
 55        pkix_SignatureCheckerState *state = NULL;
 56
 57        PKIX_ENTER(SIGNATURECHECKERSTATE,
 58                    "pkix_SignatureCheckerState_Destroy");
 59        PKIX_NULLCHECK_ONE(object);
 60
 61        /* Check that this object is a signature checker state */
 62        PKIX_CHECK(pkix_CheckType
 63                    (object, PKIX_SIGNATURECHECKERSTATE_TYPE, plContext),
 64                    PKIX_OBJECTNOTSIGNATURECHECKERSTATE);
 65
 66        state = (pkix_SignatureCheckerState *) object;
 67
 68        state->prevCertCertSign = PKIX_FALSE;
 69
 70        PKIX_DECREF(state->prevPublicKey);
 71        PKIX_DECREF(state->prevPublicKeyList);
 72        PKIX_DECREF(state->keyUsageOID);
 73
 74cleanup:
 75
 76        PKIX_RETURN(SIGNATURECHECKERSTATE);
 77}
 78
 79/*
 80 * FUNCTION: pkix_SignatureCheckerState_RegisterSelf
 81 *
 82 * DESCRIPTION:
 83 *  Registers PKIX_SIGNATURECHECKERSTATE_TYPE and its related functions
 84 *  with systemClasses[]
 85 *
 86 * THREAD SAFETY:
 87 *  Not Thread Safe (see Thread Safety Definitions in Programmer's Guide)
 88 *
 89 *  Since this function is only called by PKIX_PL_Initialize, which should
 90 *  only be called once, it is acceptable that this function is not
 91 *  thread-safe.
 92 */
 93PKIX_Error *
 94pkix_SignatureCheckerState_RegisterSelf(void *plContext)
 95{
 96        extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
 97        pkix_ClassTable_Entry entry;
 98
 99        PKIX_ENTER(SIGNATURECHECKERSTATE,
100                    "pkix_SignatureCheckerState_RegisterSelf");
101
102        entry.description = "SignatureCheckerState";
103        entry.objCounter = 0;
104        entry.typeObjectSize = sizeof(pkix_SignatureCheckerState);
105        entry.destructor = pkix_SignatureCheckerState_Destroy;
106        entry.equalsFunction = NULL;
107        entry.hashcodeFunction = NULL;
108        entry.toStringFunction = NULL;
109        entry.comparator = NULL;
110        entry.duplicateFunction = NULL;
111
112        systemClasses[PKIX_SIGNATURECHECKERSTATE_TYPE] = entry;
113
114        PKIX_RETURN(SIGNATURECHECKERSTATE);
115}
116
117/*
118 * FUNCTION: pkix_SignatureCheckerState_Create
119 *
120 * DESCRIPTION:
121 *  Allocate and initialize SignatureChecker state data.
122 *
123 * PARAMETERS
124 *  "trustedPubKey"
125 *      Address of trusted Anchor Public Key for verifying first Cert in the
126 *      chain. Must be non-NULL.
127 *  "certsRemaining"
128 *      Number of certificates remaining in the chain.
129 *  "pCheckerState"
130 *      Address where SignatureCheckerState will be stored. Must be non-NULL.
131 *  "plContext"
132 *      Platform-specific context pointer.
133 *
134 * THREAD SAFETY:
135 *  Not Thread Safe (see Thread Safety Definitions in Programmer's Guide)
136 *
137 * RETURNS:
138 *  Returns NULL if the function succeeds.
139 *  Returns a SignatureCheckerState Error if the function fails in a
140 *  non-fatal way.
141 *  Returns a Fatal Error if the function fails in an unrecoverable way.
142 */
143static PKIX_Error *
144pkix_SignatureCheckerState_Create(
145    PKIX_PL_PublicKey *trustedPubKey,
146    PKIX_UInt32 certsRemaining,
147    pkix_SignatureCheckerState **pCheckerState,
148    void *plContext)
149{
150        pkix_SignatureCheckerState *state = NULL;
151        PKIX_PL_OID *keyUsageOID = NULL;
152
153        PKIX_ENTER(SIGNATURECHECKERSTATE, "pkix_SignatureCheckerState_Create");
154        PKIX_NULLCHECK_TWO(trustedPubKey, pCheckerState);
155
156        PKIX_CHECK(PKIX_PL_Object_Alloc
157                    (PKIX_SIGNATURECHECKERSTATE_TYPE,
158                    sizeof (pkix_SignatureCheckerState),
159                    (PKIX_PL_Object **)&state,
160                    plContext),
161                    PKIX_COULDNOTCREATESIGNATURECHECKERSTATEOBJECT);
162
163        /* Initialize fields */
164
165        state->prevCertCertSign = PKIX_TRUE;
166        state->prevPublicKeyList = NULL;
167        state->certsRemaining = certsRemaining;
168
169        PKIX_INCREF(trustedPubKey);
170        state->prevPublicKey = trustedPubKey;
171
172        PKIX_CHECK(PKIX_PL_OID_Create
173                    (PKIX_CERTKEYUSAGE_OID,
174                    &keyUsageOID,
175                    plContext),
176                    PKIX_OIDCREATEFAILED);
177
178        state->keyUsageOID = keyUsageOID;
179        keyUsageOID = NULL;
180
181        *pCheckerState = state;
182        state = NULL;
183
184cleanup:
185
186        PKIX_DECREF(keyUsageOID);
187        PKIX_DECREF(state); 
188
189        PKIX_RETURN(SIGNATURECHECKERSTATE);
190}
191
192/* --Private-Functions-------------------------------------------- */
193
194/*
195 * FUNCTION: pkix_SignatureChecker_Check
196 * (see comments for PKIX_CertChainChecker_CheckCallback in pkix_checker.h)
197 */
198PKIX_Error *
199pkix_SignatureChecker_Check(
200        PKIX_CertChainChecker *checker,
201        PKIX_PL_Cert *cert,
202        PKIX_List *unresolvedCriticalExtensions,
203        void **pNBIOContext,
204        void *plContext)
205{
206        pkix_SignatureCheckerState *state = NULL;
207        PKIX_PL_PublicKey *prevPubKey = NULL;
208        PKIX_PL_PublicKey *currPubKey = NULL;
209        PKIX_PL_PublicKey *newPubKey = NULL;
210        PKIX_PL_PublicKey *pKey = NULL;
211        PKIX_PL_CertBasicConstraints *basicConstraints = NULL;
212        PKIX_Error *checkKeyUsageFail = NULL;
213        PKIX_Error *verifyFail = NULL;
214        PKIX_Boolean certVerified = PKIX_FALSE;
215
216        PKIX_ENTER(CERTCHAINCHECKER, "pkix_SignatureChecker_Check");
217        PKIX_NULLCHECK_THREE(checker, cert, pNBIOContext);
218
219        *pNBIOContext = NULL; /* we never block on pending I/O */
220
221        PKIX_CHECK(PKIX_CertChainChecker_GetCertChainCheckerState
222                    (checker, (PKIX_PL_Object **)&state, plContext),
223                    PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED);
224
225        (state->certsRemaining)--;
226
227        PKIX_INCREF(state->prevPublicKey);
228        prevPubKey = state->prevPublicKey;
229
230        /*
231         * Previous Cert doesn't have CertSign bit on for signature
232         * verification and it is not a self-issued Cert so there is no
233         * old key saved. This is considered error.
234         */
235        if (state->prevCertCertSign == PKIX_FALSE &&
236                state->prevPublicKeyList == NULL) {
237                    PKIX_ERROR(PKIX_KEYUSAGEKEYCERTSIGNBITNOTON);
238        }
239
240        /* Previous Cert is valid for signature verification, try it first */
241        if (state->prevCertCertSign == PKIX_TRUE) {
242                verifyFail = PKIX_PL_Cert_VerifySignature
243                        (cert, prevPubKey, plContext);
244                if (verifyFail == NULL) {
245                        certVerified = PKIX_TRUE;
246                } else {
247                        certVerified = PKIX_FALSE;
248                        PKIX_DECREF(verifyFail);
249                }
250        }
251
252#ifdef NIST_TEST_4_5_4_AND_4_5_6
253
254        /*
255         * Following codes under this compiler flag is implemented for
256         * special cases of NIST tests 4.5.4 and 4.5.6. We are not sure
257         * we should handle these two tests as what is implemented so the
258         * codes are commented out, and the tests fails (for now).
259         * For Cert chain validation, our assumption is all the Certs on
260         * the chain are using its previous Cert's public key to decode
261         * its current key. But for thses two tests, keys are used not
262         * in this precedent order, we can either
263         * 1) Use what is implemented here: take in what Cert order NIST
264         *    specified and for continuous self-issued Certs, stacking up
265         *    their keys and tries all of them in FILO order.
266         *    But this method breaks the idea of chain key presdency.
267         * 2) Use Build Chain facility: we will specify the valid Certs
268         *    order (means key precedency is kept) and count on Build Chain
269         *    to get the Certs that can fill for the needed keys. This may have
270         *    performance impact.
271         * 3) Fetch Certs from CertStore: we will specifiy the valid Certs
272         *    order and use CertSelector on SubjectName to get a list of
273         *    candidates Certs to fill in for the needed keys.
274         * Anyhow, the codes are kept around just in case we want to use
275         * solution one...
276         */
277
278        /* If failed and previous key is self-issued, try its old key(s) */
279        if (certVerified == PKIX_FALSE && state->prevPublicKeyList != NULL) {
280
281                /* Verify from keys on the list */
282                PKIX_CHECK(PKIX_List_GetLength
283                        (state->prevPublicKeyList, &numKeys, plContext),
284                        PKIX_LISTGETLENGTHFAILED);
285
286                for (i = numKeys - 1; i >= 0; i--) {
287
288                        PKIX_CHECK(PKIX_List_GetItem
289                                (state->prevPublicKeyList,
290                                i,
291                                (PKIX_PL_Object **) &pKey,
292                                plContext),
293                                PKIX_LISTGETITEMFAILED);
294
295                        verifyFail = PKIX_PL_Cert_VerifySignature
296                                (cert, pKey, plContext);
297
298                        if (verifyFail == NULL) {
299                                certVerified = PKIX_TRUE;
300                                break;
301                        } else {
302                                certVerified = PKIX_FALSE;
303                                PKIX_DECREF(verifyFail);
304                        }
305
306                        PKIX_DECREF(pKey);
307                }
308        }
309#endif
310
311        if (certVerified == PKIX_FALSE) {
312                PKIX_ERROR(PKIX_VALIDATIONFAILEDCERTSIGNATURECHECKING);
313        }
314
315#ifdef NIST_TEST_4_5_4_AND_4_5_6
316        /*
317         * Check if Cert is self-issued. If so, the old key(s) is saved, in
318         * conjunction to the new key, for verifying CERT validity later.
319         */
320        PKIX_CHECK(pkix_IsCertSelfIssued(cert, &selfIssued, plContext),
321                    PKIX_ISCERTSELFISSUEFAILED);
322
323        /*
324         * Check if Cert is self-issued. If so, the public key of the Cert
325         * that issues this Cert (old key) can be used together with this
326         * current key (new key) for key verification. If there are multiple
327         * self-issued certs, keys of those Certs (old keys) can also be used
328         * for key verification. Old key(s) is saved in a list (PrevPublickKey-
329         * List) and cleared when a Cert is no longer self-issued. PrevPublic-
330         * Key keep key of the previous Cert.
331         */
332        if (selfIssued == PKIX_TRUE) {
333
334            /* Make sure previous Cert is valid for signature verification */
335            if (state->prevCertCertSign == PKIX_TRUE) {
336
337                if (state->prevPublicKeyList == NULL) {
338
339                        PKIX_CHECK(PKIX_List_Create
340                                (&state->prevPublicKeyList, plContext),
341                                PKIX_LISTCREATEFALIED);
342
343                }
344
345                PKIX_CHECK(PKIX_List_AppendItem
346                            (state->prevPublicKeyList,
347                            (PKIX_PL_Object *) state->prevPublicKey,
348                            plContext),
349                            PKIX_LISTAPPENDITEMFAILED);
350            }
351
352        } else {
353            /* Not self-issued Cert any more, clear old key(s) saved */
354            PKIX_DECREF(state->prevPublicKeyList);
355        }
356#endif
357
358        /* Save current key as prevPublicKey */
359        PKIX_CHECK(PKIX_PL_Cert_GetSubjectPublicKey
360                    (cert, &currPubKey, plContext),
361                    PKIX_CERTGETSUBJECTPUBLICKEYFAILED);
362
363        PKIX_CHECK(PKIX_PL_PublicKey_MakeInheritedDSAPublicKey
364                    (currPubKey, prevPubKey, &newPubKey, plContext),
365                    PKIX_PUBLICKEYMAKEINHERITEDDSAPUBLICKEYFAILED);
366
367        if (newPubKey == NULL){
368                PKIX_INCREF(currPubKey);
369                newPubKey = currPubKey;
370        }
371
372        PKIX_INCREF(newPubKey);
373        PKIX_DECREF(state->prevPublicKey);
374
375        state->prevPublicKey = newPubKey;
376
377        /* Save this Cert key usage CertSign bit */
378        if (state->certsRemaining != 0) {
379                checkKeyUsageFail = PKIX_PL_Cert_VerifyKeyUsage
380                        (cert, PKIX_KEY_CERT_SIGN, plContext);
381
382                state->prevCertCertSign = (checkKeyUsageFail == NULL)?
383                        PKIX_TRUE:PKIX_FALSE;
384
385                PKIX_DECREF(checkKeyUsageFail);
386        }
387
388        /* Remove Key Usage Extension OID from list */
389        if (unresolvedCriticalExtensions != NULL) {
390
391                PKIX_CHECK(pkix_List_Remove
392                            (unresolvedCriticalExtensions,
393                            (PKIX_PL_Object *) state->keyUsageOID,
394                            plContext),
395                            PKIX_LISTREMOVEFAILED);
396        }
397
398        PKIX_CHECK(PKIX_CertChainChecker_SetCertChainCheckerState
399                    (checker, (PKIX_PL_Object *)state, plContext),
400                    PKIX_CERTCHAINCHECKERSETCERTCHAINCHECKERSTATEFAILED);
401
402cleanup:
403
404        PKIX_DECREF(state);
405        PKIX_DECREF(pKey);
406        PKIX_DECREF(prevPubKey);
407        PKIX_DECREF(currPubKey);
408        PKIX_DECREF(newPubKey);
409        PKIX_DECREF(basicConstraints);
410        PKIX_DECREF(verifyFail);
411        PKIX_DECREF(checkKeyUsageFail);
412
413        PKIX_RETURN(CERTCHAINCHECKER);
414
415}
416
417/*
418 * FUNCTION: pkix_SignatureChecker_Initialize
419 * DESCRIPTION:
420 *
421 *  Creates a new CertChainChecker and stores it at "pChecker", where it will
422 *  be used by pkix_SignatureChecker_Check to check that the public key in
423 *  the checker's state is able to successfully validate the certificate's
424 *  signature. The PublicKey pointed to by "trustedPubKey" is used to
425 *  initialize the checker's state.
426 *
427 * PARAMETERS:
428 *  "trustedPubKey"
429 *      Address of PublicKey representing the trusted public key used to
430 *      initialize the state of this checker. Must be non-NULL.
431 *  "certsRemaining"
432 *      Number of certificates remaining in the chain.
433 *  "pChecker"
434 *      Address where object pointer will be stored. Must be non-NULL.
435 *  "plContext"
436 *      Platform-specific context pointer.
437 * THREAD SAFETY:
438 *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
439 * RETURNS:
440 *  Returns NULL if the function succeeds.
441 *  Returns a CertChainChecker Error if the function fails in a non-fatal way.
442 *  Returns a Fatal Error if the function fails in an unrecoverable way.
443 */
444PKIX_Error *
445pkix_SignatureChecker_Initialize(
446        PKIX_PL_PublicKey *trustedPubKey,
447        PKIX_UInt32 certsRemaining,
448        PKIX_CertChainChecker **pChecker,
449        void *plContext)
450{
451        pkix_SignatureCheckerState* state = NULL;
452        PKIX_ENTER(CERTCHAINCHECKER, "PKIX_SignatureChecker_Initialize");
453        PKIX_NULLCHECK_TWO(pChecker, trustedPubKey);
454
455        PKIX_CHECK(pkix_SignatureCheckerState_Create
456                    (trustedPubKey, certsRemaining, &state, plContext),
457                    PKIX_SIGNATURECHECKERSTATECREATEFAILED);
458
459        PKIX_CHECK(PKIX_CertChainChecker_Create
460                    (pkix_SignatureChecker_Check,
461                    PKIX_FALSE,
462                    PKIX_FALSE,
463                    NULL,
464                    (PKIX_PL_Object *) state,
465                    pChecker,
466                    plContext),
467                    PKIX_CERTCHAINCHECKERCREATEFAILED);
468
469cleanup:
470
471        PKIX_DECREF(state);
472
473        PKIX_RETURN(CERTCHAINCHECKER);
474
475}