boringssl/pki/simple_path_builder_delegat...

// Copyright 2017 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "simple_path_builder_delegate.h"

#include "cert_error_params.h"
#include "cert_errors.h"
#include "signature_algorithm.h"
#include "signature_verify_cache.h"
#include "verify_signed_data.h"
#include <openssl/bn.h>
#include <openssl/bytestring.h>
#include <openssl/digest.h>
#include <openssl/ec.h>
#include <openssl/ec_key.h>
#include <openssl/evp.h>
#include <openssl/nid.h>
#include <openssl/rsa.h>

namespace bssl {

DEFINE_CERT_ERROR_ID(SimplePathBuilderDelegate::kRsaModulusTooSmall,
                     "RSA modulus too small");

namespace {

DEFINE_CERT_ERROR_ID(kUnacceptableCurveForEcdsa,
                     "Only P-256, P-384, P-521 are supported for ECDSA");

bool IsAcceptableCurveForEcdsa(int curve_nid) {
  switch (curve_nid) {
    case NID_X9_62_prime256v1:
    case NID_secp384r1:
    case NID_secp521r1:
      return true;
  }

  return false;
}

}  // namespace

SimplePathBuilderDelegate::SimplePathBuilderDelegate(
    size_t min_rsa_modulus_length_bits,
    DigestPolicy digest_policy)
    : min_rsa_modulus_length_bits_(min_rsa_modulus_length_bits),
      digest_policy_(digest_policy) {}

void SimplePathBuilderDelegate::CheckPathAfterVerification(
    const CertPathBuilder& path_builder,
    CertPathBuilderResultPath* path) {
  // Do nothing - consider all candidate paths valid.
}

bool SimplePathBuilderDelegate::IsDeadlineExpired() {
  return false;
}

SignatureVerifyCache* SimplePathBuilderDelegate::GetVerifyCache() {
  return nullptr;
}

bool SimplePathBuilderDelegate::IsSignatureAlgorithmAcceptable(
    SignatureAlgorithm algorithm,
    CertErrors* errors) {
  switch (algorithm) {
    case SignatureAlgorithm::kRsaPkcs1Sha1:
    case SignatureAlgorithm::kEcdsaSha1:
      return digest_policy_ == DigestPolicy::kWeakAllowSha1;

    case SignatureAlgorithm::kRsaPkcs1Sha256:
    case SignatureAlgorithm::kRsaPkcs1Sha384:
    case SignatureAlgorithm::kRsaPkcs1Sha512:
    case SignatureAlgorithm::kEcdsaSha256:
    case SignatureAlgorithm::kEcdsaSha384:
    case SignatureAlgorithm::kEcdsaSha512:
    case SignatureAlgorithm::kRsaPssSha256:
    case SignatureAlgorithm::kRsaPssSha384:
    case SignatureAlgorithm::kRsaPssSha512:
      return true;
  }
  return false;
}

bool SimplePathBuilderDelegate::IsPublicKeyAcceptable(EVP_PKEY* public_key,
                                                      CertErrors* errors) {
  int pkey_id = EVP_PKEY_id(public_key);
  if (pkey_id == EVP_PKEY_RSA) {
    // Extract the modulus length from the key.
    RSA* rsa = EVP_PKEY_get0_RSA(public_key);
    if (!rsa)
      return false;
    unsigned int modulus_length_bits = RSA_bits(rsa);

    if (modulus_length_bits < min_rsa_modulus_length_bits_) {
      errors->AddError(
          kRsaModulusTooSmall,
          CreateCertErrorParams2SizeT("actual", modulus_length_bits, "minimum",
                                      min_rsa_modulus_length_bits_));
      return false;
    }

    return true;
  }

  if (pkey_id == EVP_PKEY_EC) {
    // Extract the curve name.
    EC_KEY* ec = EVP_PKEY_get0_EC_KEY(public_key);
    if (!ec)
      return false;  // Unexpected.
    int curve_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));

    if (!IsAcceptableCurveForEcdsa(curve_nid)) {
      errors->AddError(kUnacceptableCurveForEcdsa);
      return false;
    }

    return true;
  }

  // Unexpected key type.
  return false;
}

}  // namespace net
Bring in the core of chromium certificate verifier as libpki Initially this leaves the canonical source in chrome, Additions and fillins are committed directly, the chrome files are coverted using the IMPORT script run from the pki directory for the moment. The intention here is to continue frequent automatic conversion (and avoid wholesale cosmetic changes in here for now) until chrome converts to use these files in place of it's versions. At that point these will become the definiative files, and the IMPORT script can be tossed out. A middle step along the way will be to change google3's verify.cc in third_party/chromium_certificate_verifier to use this instead of it's own extracted copy. Status (and what is not done yet) being roughly tracked in README.md Bug: chromium:1322914 Change-Id: Ibdb5479bc68985fa61ce6b10f98f31f6b3a7cbdf Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/60285 Commit-Queue: Bob Beck <bbe@google.com> Reviewed-by: Adam Langley <agl@google.com> 2 years ago			`// Copyright 2017 The Chromium Authors`
			`// Use of this source code is governed by a BSD-style license that can be`
			`// found in the LICENSE file.`

			`#include "simple_path_builder_delegate.h"`

			`#include "cert_error_params.h"`
			`#include "cert_errors.h"`
			`#include "signature_algorithm.h"`
			`#include "signature_verify_cache.h"`
			`#include "verify_signed_data.h"`
			`#include <openssl/bn.h>`
			`#include <openssl/bytestring.h>`
			`#include <openssl/digest.h>`
			`#include <openssl/ec.h>`
			`#include <openssl/ec_key.h>`
			`#include <openssl/evp.h>`
			`#include <openssl/nid.h>`
			`#include <openssl/rsa.h>`

			`namespace bssl {`

			`DEFINE_CERT_ERROR_ID(SimplePathBuilderDelegate::kRsaModulusTooSmall,`
			`"RSA modulus too small");`

			`namespace {`

			`DEFINE_CERT_ERROR_ID(kUnacceptableCurveForEcdsa,`
			`"Only P-256, P-384, P-521 are supported for ECDSA");`

			`bool IsAcceptableCurveForEcdsa(int curve_nid) {`
			`switch (curve_nid) {`
			`case NID_X9_62_prime256v1:`
			`case NID_secp384r1:`
			`case NID_secp521r1:`
			`return true;`
			`}`

			`return false;`
			`}`

			`} // namespace`

			`SimplePathBuilderDelegate::SimplePathBuilderDelegate(`
			`size_t min_rsa_modulus_length_bits,`
			`DigestPolicy digest_policy)`
			`: min_rsa_modulus_length_bits_(min_rsa_modulus_length_bits),`
			`digest_policy_(digest_policy) {}`

			`void SimplePathBuilderDelegate::CheckPathAfterVerification(`
			`const CertPathBuilder& path_builder,`
			`CertPathBuilderResultPath* path) {`
			`// Do nothing - consider all candidate paths valid.`
			`}`

			`bool SimplePathBuilderDelegate::IsDeadlineExpired() {`
			`return false;`
			`}`

			`SignatureVerifyCache* SimplePathBuilderDelegate::GetVerifyCache() {`
			`return nullptr;`
			`}`

			`bool SimplePathBuilderDelegate::IsSignatureAlgorithmAcceptable(`
			`SignatureAlgorithm algorithm,`
			`CertErrors* errors) {`
			`switch (algorithm) {`
			`case SignatureAlgorithm::kRsaPkcs1Sha1:`
			`case SignatureAlgorithm::kEcdsaSha1:`
			`return digest_policy_ == DigestPolicy::kWeakAllowSha1;`

			`case SignatureAlgorithm::kRsaPkcs1Sha256:`
			`case SignatureAlgorithm::kRsaPkcs1Sha384:`
			`case SignatureAlgorithm::kRsaPkcs1Sha512:`
			`case SignatureAlgorithm::kEcdsaSha256:`
			`case SignatureAlgorithm::kEcdsaSha384:`
			`case SignatureAlgorithm::kEcdsaSha512:`
			`case SignatureAlgorithm::kRsaPssSha256:`
			`case SignatureAlgorithm::kRsaPssSha384:`
			`case SignatureAlgorithm::kRsaPssSha512:`
			`return true;`
			`}`
			`return false;`
			`}`

			`bool SimplePathBuilderDelegate::IsPublicKeyAcceptable(EVP_PKEY* public_key,`
			`CertErrors* errors) {`
			`int pkey_id = EVP_PKEY_id(public_key);`
			`if (pkey_id == EVP_PKEY_RSA) {`
			`// Extract the modulus length from the key.`
			`RSA* rsa = EVP_PKEY_get0_RSA(public_key);`
			`if (!rsa)`
			`return false;`
			`unsigned int modulus_length_bits = RSA_bits(rsa);`

			`if (modulus_length_bits < min_rsa_modulus_length_bits_) {`
			`errors->AddError(`
			`kRsaModulusTooSmall,`
			`CreateCertErrorParams2SizeT("actual", modulus_length_bits, "minimum",`
			`min_rsa_modulus_length_bits_));`
			`return false;`
			`}`

			`return true;`
			`}`

			`if (pkey_id == EVP_PKEY_EC) {`
			`// Extract the curve name.`
			`EC_KEY* ec = EVP_PKEY_get0_EC_KEY(public_key);`
			`if (!ec)`
			`return false; // Unexpected.`
			`int curve_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));`

			`if (!IsAcceptableCurveForEcdsa(curve_nid)) {`
			`errors->AddError(kUnacceptableCurveForEcdsa);`
			`return false;`
			`}`

			`return true;`
			`}`

			`// Unexpected key type.`
			`return false;`
			`}`

			`} // namespace net`