123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389 |
- /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
- /* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
- #include "AppTrustDomain.h"
- #include "MainThreadUtils.h"
- #include "certdb.h"
- #include "mozilla/ArrayUtils.h"
- #include "mozilla/Casting.h"
- #include "mozilla/Preferences.h"
- #include "nsComponentManagerUtils.h"
- #include "nsIFile.h"
- #include "nsIFileStreams.h"
- #include "nsIX509CertDB.h"
- #include "nsNSSCertificate.h"
- #include "nsNetUtil.h"
- #include "pkix/pkixnss.h"
- #include "prerror.h"
- #include "secerr.h"
- // Generated in Makefile.in
- #include "marketplace-prod-public.inc"
- #include "marketplace-prod-reviewers.inc"
- #include "marketplace-dev-public.inc"
- #include "marketplace-dev-reviewers.inc"
- #include "marketplace-stage.inc"
- #include "xpcshell.inc"
- // Trusted Hosted Apps Certificates
- #include "manifest-signing-root.inc"
- #include "manifest-signing-test-root.inc"
- // Add-on signing Certificates
- #include "addons-public.inc"
- #include "addons-stage.inc"
- // Privileged Package Certificates
- #include "privileged-package-root.inc"
- using namespace mozilla::pkix;
- extern mozilla::LazyLogModule gPIPNSSLog;
- static const unsigned int DEFAULT_MIN_RSA_BITS = 2048;
- static char kDevImportedDER[] =
- "network.http.signed-packages.developer-root";
- namespace mozilla { namespace psm {
- StaticMutex AppTrustDomain::sMutex;
- UniquePtr<unsigned char[]> AppTrustDomain::sDevImportedDERData;
- unsigned int AppTrustDomain::sDevImportedDERLen = 0;
- AppTrustDomain::AppTrustDomain(UniqueCERTCertList& certChain, void* pinArg)
- : mCertChain(certChain)
- , mPinArg(pinArg)
- , mMinRSABits(DEFAULT_MIN_RSA_BITS)
- {
- }
- SECStatus
- AppTrustDomain::SetTrustedRoot(AppTrustedRoot trustedRoot)
- {
- SECItem trustedDER;
- // Load the trusted certificate into the in-memory NSS database so that
- // CERT_CreateSubjectCertList can find it.
- switch (trustedRoot)
- {
- case nsIX509CertDB::AppMarketplaceProdPublicRoot:
- trustedDER.data = const_cast<uint8_t*>(marketplaceProdPublicRoot);
- trustedDER.len = mozilla::ArrayLength(marketplaceProdPublicRoot);
- break;
- case nsIX509CertDB::AppMarketplaceProdReviewersRoot:
- trustedDER.data = const_cast<uint8_t*>(marketplaceProdReviewersRoot);
- trustedDER.len = mozilla::ArrayLength(marketplaceProdReviewersRoot);
- break;
- case nsIX509CertDB::AppMarketplaceDevPublicRoot:
- trustedDER.data = const_cast<uint8_t*>(marketplaceDevPublicRoot);
- trustedDER.len = mozilla::ArrayLength(marketplaceDevPublicRoot);
- break;
- case nsIX509CertDB::AppMarketplaceDevReviewersRoot:
- trustedDER.data = const_cast<uint8_t*>(marketplaceDevReviewersRoot);
- trustedDER.len = mozilla::ArrayLength(marketplaceDevReviewersRoot);
- break;
- case nsIX509CertDB::AppMarketplaceStageRoot:
- trustedDER.data = const_cast<uint8_t*>(marketplaceStageRoot);
- trustedDER.len = mozilla::ArrayLength(marketplaceStageRoot);
- // The staging root was generated with a 1024-bit key.
- mMinRSABits = 1024u;
- break;
- case nsIX509CertDB::AppXPCShellRoot:
- trustedDER.data = const_cast<uint8_t*>(xpcshellRoot);
- trustedDER.len = mozilla::ArrayLength(xpcshellRoot);
- break;
- case nsIX509CertDB::AddonsPublicRoot:
- trustedDER.data = const_cast<uint8_t*>(addonsPublicRoot);
- trustedDER.len = mozilla::ArrayLength(addonsPublicRoot);
- break;
- case nsIX509CertDB::AddonsStageRoot:
- trustedDER.data = const_cast<uint8_t*>(addonsStageRoot);
- trustedDER.len = mozilla::ArrayLength(addonsStageRoot);
- break;
- case nsIX509CertDB::PrivilegedPackageRoot:
- trustedDER.data = const_cast<uint8_t*>(privilegedPackageRoot);
- trustedDER.len = mozilla::ArrayLength(privilegedPackageRoot);
- break;
- case nsIX509CertDB::DeveloperImportedRoot: {
- StaticMutexAutoLock lock(sMutex);
- if (!sDevImportedDERData) {
- MOZ_ASSERT(!NS_IsMainThread());
- nsCOMPtr<nsIFile> file(do_CreateInstance("@mozilla.org/file/local;1"));
- if (!file) {
- PR_SetError(SEC_ERROR_IO, 0);
- return SECFailure;
- }
- nsresult rv = file->InitWithNativePath(
- Preferences::GetCString(kDevImportedDER));
- if (NS_FAILED(rv)) {
- PR_SetError(SEC_ERROR_IO, 0);
- return SECFailure;
- }
- nsCOMPtr<nsIInputStream> inputStream;
- NS_NewLocalFileInputStream(getter_AddRefs(inputStream), file, -1, -1,
- nsIFileInputStream::CLOSE_ON_EOF);
- if (!inputStream) {
- PR_SetError(SEC_ERROR_IO, 0);
- return SECFailure;
- }
- uint64_t length;
- rv = inputStream->Available(&length);
- if (NS_FAILED(rv)) {
- PR_SetError(SEC_ERROR_IO, 0);
- return SECFailure;
- }
- auto data = MakeUnique<char[]>(length);
- rv = inputStream->Read(data.get(), length, &sDevImportedDERLen);
- if (NS_FAILED(rv)) {
- PR_SetError(SEC_ERROR_IO, 0);
- return SECFailure;
- }
- MOZ_ASSERT(length == sDevImportedDERLen);
- sDevImportedDERData.reset(
- BitwiseCast<unsigned char*, char*>(data.release()));
- }
- trustedDER.data = sDevImportedDERData.get();
- trustedDER.len = sDevImportedDERLen;
- break;
- }
- default:
- PR_SetError(SEC_ERROR_INVALID_ARGS, 0);
- return SECFailure;
- }
- mTrustedRoot.reset(CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
- &trustedDER, nullptr, false, true));
- if (!mTrustedRoot) {
- return SECFailure;
- }
- return SECSuccess;
- }
- Result
- AppTrustDomain::FindIssuer(Input encodedIssuerName, IssuerChecker& checker,
- Time)
- {
- MOZ_ASSERT(mTrustedRoot);
- if (!mTrustedRoot) {
- return Result::FATAL_ERROR_INVALID_STATE;
- }
- // TODO(bug 1035418): If/when mozilla::pkix relaxes the restriction that
- // FindIssuer must only pass certificates with a matching subject name to
- // checker.Check, we can stop using CERT_CreateSubjectCertList and instead
- // use logic like this:
- //
- // 1. First, try the trusted trust anchor.
- // 2. Secondly, iterate through the certificates that were stored in the CMS
- // message, passing each one to checker.Check.
- SECItem encodedIssuerNameSECItem =
- UnsafeMapInputToSECItem(encodedIssuerName);
- UniqueCERTCertList
- candidates(CERT_CreateSubjectCertList(nullptr, CERT_GetDefaultCertDB(),
- &encodedIssuerNameSECItem, 0,
- false));
- if (candidates) {
- for (CERTCertListNode* n = CERT_LIST_HEAD(candidates);
- !CERT_LIST_END(n, candidates); n = CERT_LIST_NEXT(n)) {
- Input certDER;
- Result rv = certDER.Init(n->cert->derCert.data, n->cert->derCert.len);
- if (rv != Success) {
- continue; // probably too big
- }
- bool keepGoing;
- rv = checker.Check(certDER, nullptr/*additionalNameConstraints*/,
- keepGoing);
- if (rv != Success) {
- return rv;
- }
- if (!keepGoing) {
- break;
- }
- }
- }
- return Success;
- }
- Result
- AppTrustDomain::GetCertTrust(EndEntityOrCA endEntityOrCA,
- const CertPolicyId& policy,
- Input candidateCertDER,
- /*out*/ TrustLevel& trustLevel)
- {
- MOZ_ASSERT(policy.IsAnyPolicy());
- MOZ_ASSERT(mTrustedRoot);
- if (!policy.IsAnyPolicy()) {
- return Result::FATAL_ERROR_INVALID_ARGS;
- }
- if (!mTrustedRoot) {
- return Result::FATAL_ERROR_INVALID_STATE;
- }
- // Handle active distrust of the certificate.
- // XXX: This would be cleaner and more efficient if we could get the trust
- // information without constructing a CERTCertificate here, but NSS doesn't
- // expose it in any other easy-to-use fashion.
- SECItem candidateCertDERSECItem =
- UnsafeMapInputToSECItem(candidateCertDER);
- UniqueCERTCertificate candidateCert(
- CERT_NewTempCertificate(CERT_GetDefaultCertDB(), &candidateCertDERSECItem,
- nullptr, false, true));
- if (!candidateCert) {
- return MapPRErrorCodeToResult(PR_GetError());
- }
- CERTCertTrust trust;
- if (CERT_GetCertTrust(candidateCert.get(), &trust) == SECSuccess) {
- uint32_t flags = SEC_GET_TRUST_FLAGS(&trust, trustObjectSigning);
- // For DISTRUST, we use the CERTDB_TRUSTED or CERTDB_TRUSTED_CA bit,
- // because we can have active distrust for either type of cert. Note that
- // CERTDB_TERMINAL_RECORD means "stop trying to inherit trust" so if the
- // relevant trust bit isn't set then that means the cert must be considered
- // distrusted.
- uint32_t relevantTrustBit = endEntityOrCA == EndEntityOrCA::MustBeCA
- ? CERTDB_TRUSTED_CA
- : CERTDB_TRUSTED;
- if (((flags & (relevantTrustBit | CERTDB_TERMINAL_RECORD)))
- == CERTDB_TERMINAL_RECORD) {
- trustLevel = TrustLevel::ActivelyDistrusted;
- return Success;
- }
- }
- // mTrustedRoot is the only trust anchor for this validation.
- if (CERT_CompareCerts(mTrustedRoot.get(), candidateCert.get())) {
- trustLevel = TrustLevel::TrustAnchor;
- return Success;
- }
- trustLevel = TrustLevel::InheritsTrust;
- return Success;
- }
- Result
- AppTrustDomain::DigestBuf(Input item,
- DigestAlgorithm digestAlg,
- /*out*/ uint8_t* digestBuf,
- size_t digestBufLen)
- {
- return DigestBufNSS(item, digestAlg, digestBuf, digestBufLen);
- }
- Result
- AppTrustDomain::CheckRevocation(EndEntityOrCA, const CertID&, Time, Duration,
- /*optional*/ const Input*,
- /*optional*/ const Input*,
- /*optional*/ const Input*)
- {
- // We don't currently do revocation checking. If we need to distrust an Apps
- // certificate, we will use the active distrust mechanism.
- return Success;
- }
- Result
- AppTrustDomain::IsChainValid(const DERArray& certChain, Time time,
- const CertPolicyId& requiredPolicy)
- {
- SECStatus srv = ConstructCERTCertListFromReversedDERArray(certChain,
- mCertChain);
- if (srv != SECSuccess) {
- return MapPRErrorCodeToResult(PR_GetError());
- }
- return Success;
- }
- Result
- AppTrustDomain::CheckSignatureDigestAlgorithm(DigestAlgorithm,
- EndEntityOrCA,
- Time)
- {
- // TODO: We should restrict signatures to SHA-256 or better.
- return Success;
- }
- Result
- AppTrustDomain::CheckRSAPublicKeyModulusSizeInBits(
- EndEntityOrCA /*endEntityOrCA*/, unsigned int modulusSizeInBits)
- {
- if (modulusSizeInBits < mMinRSABits) {
- return Result::ERROR_INADEQUATE_KEY_SIZE;
- }
- return Success;
- }
- Result
- AppTrustDomain::VerifyRSAPKCS1SignedDigest(const SignedDigest& signedDigest,
- Input subjectPublicKeyInfo)
- {
- // TODO: We should restrict signatures to SHA-256 or better.
- return VerifyRSAPKCS1SignedDigestNSS(signedDigest, subjectPublicKeyInfo,
- mPinArg);
- }
- Result
- AppTrustDomain::CheckECDSACurveIsAcceptable(EndEntityOrCA /*endEntityOrCA*/,
- NamedCurve curve)
- {
- switch (curve) {
- case NamedCurve::secp256r1: // fall through
- case NamedCurve::secp384r1: // fall through
- case NamedCurve::secp521r1:
- return Success;
- }
- return Result::ERROR_UNSUPPORTED_ELLIPTIC_CURVE;
- }
- Result
- AppTrustDomain::VerifyECDSASignedDigest(const SignedDigest& signedDigest,
- Input subjectPublicKeyInfo)
- {
- return VerifyECDSASignedDigestNSS(signedDigest, subjectPublicKeyInfo,
- mPinArg);
- }
- Result
- AppTrustDomain::CheckValidityIsAcceptable(Time /*notBefore*/, Time /*notAfter*/,
- EndEntityOrCA /*endEntityOrCA*/,
- KeyPurposeId /*keyPurpose*/)
- {
- return Success;
- }
- Result
- AppTrustDomain::NetscapeStepUpMatchesServerAuth(Time /*notBefore*/,
- /*out*/ bool& matches)
- {
- matches = false;
- return Success;
- }
- void
- AppTrustDomain::NoteAuxiliaryExtension(AuxiliaryExtension /*extension*/,
- Input /*extensionData*/)
- {
- }
- } } // namespace mozilla::psm
|