/* would not do name in pluto, but dn */
static CERTCertList *get_trust_certlist(CERTCertDBHandle *handle,
const char *name)
{
CERTCertList *trustcl = NULL;
CERTCertList *tmpcl = NULL;
CERTCertificate *ca = NULL;
CERTCertListNode *node = NULL;
if ((ca = CERT_FindCertByNickname(handle, name)) == NULL) {
printf("CERT_FindCertByNickname failed %d\n",
PORT_GetError());
return NULL;
}
if (ca->isRoot) {
printf("trust anchor: %s\n",ca->subjectName);
trustcl = CERT_NewCertList();
CERT_AddCertToListTail(trustcl, ca);
} else {
tmpcl = CERT_GetCertChainFromCert(ca, PR_Now(), certUsageAnyCA);
if (tmpcl == NULL) {
printf("CERT_GetCertChainFromCert failed %d\n",
PORT_GetError());
return NULL;
}
for (node = CERT_LIST_HEAD(tmpcl); !CERT_LIST_END(node, tmpcl);
node = CERT_LIST_NEXT(node)) {
printf("CERT list: %s\n", node->cert->subjectName);
if (node->cert->isRoot) {
trustcl = CERT_NewCertList();
CERT_AddCertToListTail(trustcl, node->cert);
break;
}
}
}
if (trustcl == NULL || CERT_LIST_EMPTY(trustcl)) {
printf("Trust chain empty!\n");
return NULL;
}
return trustcl;
}
nsNSSCertList::nsNSSCertList(CERTCertList *certList, bool adopt)
{
if (certList) {
if (adopt) {
mCertList = certList;
} else {
mCertList = DupCertList(certList);
}
} else {
mCertList = CERT_NewCertList();
}
}
nsresult
nsNSSCertificateDB::ImportValidCACerts(int numCACerts, SECItem *CACerts, nsIInterfaceRequestor *ctx)
{
CERTCertList *certList = NULL;
SECItem **rawArray;
// build a CertList for filtering
certList = CERT_NewCertList();
if (certList == NULL) {
return NS_ERROR_FAILURE;
}
CERTCertListCleaner listCleaner(certList);
// get all certs into temp store
SECStatus srv = SECFailure;
CERTCertificate **certArray = NULL;
rawArray = (SECItem **) PORT_Alloc(sizeof(SECItem *) * numCACerts);
if ( !rawArray ) {
return NS_ERROR_FAILURE;
}
for (int i=0; i < numCACerts; i++) {
rawArray[i] = &CACerts[i];
}
srv = CERT_ImportCerts(CERT_GetDefaultCertDB(), certUsageAnyCA, numCACerts, rawArray,
&certArray, PR_FALSE, PR_TRUE, NULL);
PORT_Free(rawArray);
rawArray = NULL;
if (srv != SECSuccess) {
return NS_ERROR_FAILURE;
}
for (int i2=0; i2 < numCACerts; i2++) {
CERTCertificate *cacert = certArray[i2];
if (cacert)
cacert = CERT_DupCertificate(cacert);
if (cacert)
CERT_AddCertToListTail(certList, cacert);
}
CERT_DestroyCertArray(certArray, numCACerts);
return ImportValidCACertsInList(certList, ctx);
}
CERTCertList*
GetRootsForOid(SECOidTag oid_tag)
{
CERTCertList* certList = CERT_NewCertList();
if (!certList)
return nullptr;
for (size_t iEV = 0; iEV < PR_ARRAY_SIZE(myTrustedEVInfos); ++iEV) {
nsMyTrustedEVInfo& entry = myTrustedEVInfos[iEV];
if (entry.oid_tag == oid_tag) {
addToCertListIfTrusted(certList, entry.cert);
}
}
return certList;
}
void
rememberCert(CERTCertificate * cert, PRBool trusted)
{
if (trusted) {
if (!trustedCertList) {
trustedCertList = CERT_NewCertList();
}
CERT_AddCertToListTail(trustedCertList, cert);
} else {
certMem * newCertMem = PORT_ZNew(certMem);
if (newCertMem) {
newCertMem->next = theCerts;
newCertMem->cert = cert;
theCerts = newCertMem;
}
}
}
CERTCertList *
nsNSSCertList::DupCertList(CERTCertList *aCertList)
{
if (!aCertList)
return nullptr;
CERTCertList *newList = CERT_NewCertList();
if (newList == nullptr) {
return nullptr;
}
CERTCertListNode *node;
for (node = CERT_LIST_HEAD(aCertList); !CERT_LIST_END(node, aCertList);
node = CERT_LIST_NEXT(node)) {
CERTCertificate *cert = CERT_DupCertificate(node->cert);
CERT_AddCertToListTail(newList, cert);
}
return newList;
}
static CERTCertList*
getRootsForOid(SECOidTag oid_tag)
{
CERTCertList *certList = CERT_NewCertList();
if (!certList)
return nsnull;
for (size_t iEV=0; iEV < (sizeof(myTrustedEVInfos)/sizeof(nsMyTrustedEVInfo)); ++iEV) {
nsMyTrustedEVInfo &entry = myTrustedEVInfos[iEV];
if (!entry.oid_name) // invalid or placeholder list entry
continue;
if (entry.oid_tag == oid_tag)
CERT_AddCertToListTail(certList, entry.cert);
}
#ifdef PSM_ENABLE_TEST_EV_ROOTS
getRootsForOidFromExternalRootsFile(certList, oid_tag);
#endif
return certList;
}
static CERTCertList *get_all_root_certs(void)
{
PK11SlotInfo *slot = PK11_GetInternalKeySlot();
if (slot == NULL)
return NULL;
if (PK11_NeedLogin(slot)) {
SECStatus rv = PK11_Authenticate(slot, PR_TRUE,
lsw_return_nss_password_file_info());
if (rv != SECSuccess)
return NULL;
}
CERTCertList *allcerts = PK11_ListCertsInSlot(slot);
if (allcerts == NULL)
return NULL;
CERTCertList *roots = CERT_NewCertList();
CERTCertListNode *node;
for (node = CERT_LIST_HEAD(allcerts); !CERT_LIST_END(node, allcerts);
node = CERT_LIST_NEXT(node)) {
if (CERT_IsCACert(node->cert, NULL) && node->cert->isRoot) {
CERT_DupCertificate(node->cert);
CERT_AddCertToListTail(roots, node->cert);
}
}
CERT_DestroyCertList(allcerts);
if (roots == NULL || CERT_LIST_EMPTY(roots))
return NULL;
return roots;
}
/* NEED LOCKS IN HERE. */
CERTCertList *
SSL_PeerCertificateChain(PRFileDesc *fd)
{
sslSocket *ss;
CERTCertList *chain = NULL;
CERTCertificate *cert;
ssl3CertNode *cur;
ss = ssl_FindSocket(fd);
if (!ss) {
SSL_DBG(("%d: SSL[%d]: bad socket in PeerCertificateChain",
SSL_GETPID(), fd));
return NULL;
}
if (!ss->opt.useSecurity || !ss->sec.peerCert) {
PORT_SetError(SSL_ERROR_NO_CERTIFICATE);
return NULL;
}
chain = CERT_NewCertList();
if (!chain) {
return NULL;
}
cert = CERT_DupCertificate(ss->sec.peerCert);
if (CERT_AddCertToListTail(chain, cert) != SECSuccess) {
goto loser;
}
for (cur = ss->ssl3.peerCertChain; cur; cur = cur->next) {
cert = CERT_DupCertificate(cur->cert);
if (CERT_AddCertToListTail(chain, cert) != SECSuccess) {
goto loser;
}
}
return chain;
loser:
CERT_DestroyCertList(chain);
return NULL;
}
CERTCertList *
cmmf_MakeCertList(CERTCertificate **inCerts)
{
CERTCertList *certList;
CERTCertificate *currCert;
SECItem *derCert, *freeCert = NULL;
SECStatus rv;
int i;
certList = CERT_NewCertList();
if (certList == NULL) {
return NULL;
}
for (i = 0; inCerts[i] != NULL; i++) {
derCert = &inCerts[i]->derCert;
if (derCert->data == NULL) {
derCert = freeCert = cmmf_encode_certificate(inCerts[i]);
}
currCert = CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
derCert, NULL, PR_FALSE, PR_TRUE);
if (freeCert != NULL) {
SECITEM_FreeItem(freeCert, PR_TRUE);
freeCert = NULL;
}
if (currCert == NULL) {
goto loser;
}
rv = CERT_AddCertToListTail(certList, currCert);
if (rv != SECSuccess) {
goto loser;
}
}
return certList;
loser:
CERT_DestroyCertList(certList);
return NULL;
}
// Recursively build the path from the given subject certificate to the root.
//
// Be very careful about changing the order of checks. The order is significant
// because it affects which error we return when a certificate or certificate
// chain has multiple problems. See the error ranking documentation in
// insanity/pkix.h.
static Result
BuildForward(TrustDomain& trustDomain,
BackCert& subject,
PRTime time,
EndEntityOrCA endEntityOrCA,
KeyUsages requiredKeyUsagesIfPresent,
SECOidTag requiredEKUIfPresent,
SECOidTag requiredPolicy,
/*optional*/ const SECItem* stapledOCSPResponse,
unsigned int subCACount,
/*out*/ ScopedCERTCertList& results)
{
// Avoid stack overflows and poor performance by limiting cert length.
// XXX: 6 is not enough for chains.sh anypolicywithlevel.cfg tests
static const size_t MAX_DEPTH = 8;
if (subCACount >= MAX_DEPTH - 1) {
return RecoverableError;
}
Result rv;
TrustDomain::TrustLevel trustLevel;
bool expiredEndEntity = false;
rv = CheckIssuerIndependentProperties(trustDomain, subject, time,
endEntityOrCA,
requiredKeyUsagesIfPresent,
requiredEKUIfPresent, requiredPolicy,
subCACount, &trustLevel);
if (rv != Success) {
// CheckIssuerIndependentProperties checks for expiration last, so if
// it returned SEC_ERROR_EXPIRED_CERTIFICATE we know that is the only
// problem with the cert found so far. Keep going to see if we can build
// a path; if not, it's better to return the path building failure.
expiredEndEntity = endEntityOrCA == MustBeEndEntity &&
trustLevel != TrustDomain::TrustAnchor &&
PR_GetError() == SEC_ERROR_EXPIRED_CERTIFICATE;
if (!expiredEndEntity) {
return rv;
}
}
if (trustLevel == TrustDomain::TrustAnchor) {
// End of the recursion. Create the result list and add the trust anchor to
// it.
results = CERT_NewCertList();
if (!results) {
return FatalError;
}
rv = subject.PrependNSSCertToList(results.get());
return rv;
}
// Find a trusted issuer.
// TODO(bug 965136): Add SKI/AKI matching optimizations
ScopedCERTCertList candidates;
if (trustDomain.FindPotentialIssuers(&subject.GetNSSCert()->derIssuer, time,
candidates) != SECSuccess) {
return MapSECStatus(SECFailure);
}
PORT_Assert(candidates.get());
if (!candidates) {
return Fail(RecoverableError, SEC_ERROR_UNKNOWN_ISSUER);
}
PRErrorCode errorToReturn = 0;
for (CERTCertListNode* n = CERT_LIST_HEAD(candidates);
!CERT_LIST_END(n, candidates); n = CERT_LIST_NEXT(n)) {
rv = BuildForwardInner(trustDomain, subject, time, endEntityOrCA,
requiredEKUIfPresent, requiredPolicy,
n->cert, stapledOCSPResponse, subCACount,
results);
if (rv == Success) {
if (expiredEndEntity) {
// We deferred returning this error to see if we should return
// "unknown issuer" instead. Since we found a valid issuer, it's
// time to return "expired."
PR_SetError(SEC_ERROR_EXPIRED_CERTIFICATE, 0);
return RecoverableError;
}
SECStatus srv = trustDomain.CheckRevocation(endEntityOrCA,
subject.GetNSSCert(),
n->cert, time,
stapledOCSPResponse);
if (srv != SECSuccess) {
return MapSECStatus(SECFailure);
}
// We found a trusted issuer. At this point, we know the cert is valid
return subject.PrependNSSCertToList(results.get());
}
if (rv != RecoverableError) {
return rv;
}
PRErrorCode currentError = PR_GetError();
switch (currentError) {
case 0:
PR_NOT_REACHED("Error code not set!");
PR_SetError(PR_INVALID_STATE_ERROR, 0);
return FatalError;
case SEC_ERROR_UNTRUSTED_CERT:
currentError = SEC_ERROR_UNTRUSTED_ISSUER;
break;
default:
break;
}
if (errorToReturn == 0) {
errorToReturn = currentError;
} else if (errorToReturn != currentError) {
errorToReturn = SEC_ERROR_UNKNOWN_ISSUER;
}
}
if (errorToReturn == 0) {
errorToReturn = SEC_ERROR_UNKNOWN_ISSUER;
}
return Fail(RecoverableError, errorToReturn);
}
// Recursively build the path from the given subject certificate to the root.
//
// Be very careful about changing the order of checks. The order is significant
// because it affects which error we return when a certificate or certificate
// chain has multiple problems. See the error ranking documentation in
// pkix/pkix.h.
static Result
BuildForward(TrustDomain& trustDomain,
BackCert& subject,
PRTime time,
EndEntityOrCA endEntityOrCA,
KeyUsage requiredKeyUsageIfPresent,
SECOidTag requiredEKUIfPresent,
SECOidTag requiredPolicy,
/*optional*/ const SECItem* stapledOCSPResponse,
unsigned int subCACount,
/*out*/ ScopedCERTCertList& results)
{
// Avoid stack overflows and poor performance by limiting cert length.
// XXX: 6 is not enough for chains.sh anypolicywithlevel.cfg tests
static const size_t MAX_DEPTH = 8;
if (subCACount >= MAX_DEPTH - 1) {
return Fail(RecoverableError, SEC_ERROR_UNKNOWN_ISSUER);
}
Result rv;
TrustDomain::TrustLevel trustLevel;
// If this is an end-entity and not a trust anchor, we defer reporting
// any error found here until after attempting to find a valid chain.
// See the explanation of error prioritization in pkix.h.
rv = CheckIssuerIndependentProperties(trustDomain, subject, time,
endEntityOrCA,
requiredKeyUsageIfPresent,
requiredEKUIfPresent, requiredPolicy,
subCACount, &trustLevel);
PRErrorCode deferredEndEntityError = 0;
if (rv != Success) {
if (endEntityOrCA == MustBeEndEntity &&
trustLevel != TrustDomain::TrustAnchor) {
deferredEndEntityError = PR_GetError();
} else {
return rv;
}
}
if (trustLevel == TrustDomain::TrustAnchor) {
// End of the recursion. Create the result list and add the trust anchor to
// it.
results = CERT_NewCertList();
if (!results) {
return FatalError;
}
rv = subject.PrependNSSCertToList(results.get());
return rv;
}
// Find a trusted issuer.
// TODO(bug 965136): Add SKI/AKI matching optimizations
ScopedCERTCertList candidates;
if (trustDomain.FindPotentialIssuers(&subject.GetNSSCert()->derIssuer, time,
candidates) != SECSuccess) {
return MapSECStatus(SECFailure);
}
if (!candidates) {
return Fail(RecoverableError, SEC_ERROR_UNKNOWN_ISSUER);
}
PRErrorCode errorToReturn = 0;
for (CERTCertListNode* n = CERT_LIST_HEAD(candidates);
!CERT_LIST_END(n, candidates); n = CERT_LIST_NEXT(n)) {
rv = BuildForwardInner(trustDomain, subject, time, endEntityOrCA,
requiredEKUIfPresent, requiredPolicy,
n->cert, stapledOCSPResponse, subCACount,
results);
if (rv == Success) {
// If we found a valid chain but deferred reporting an error with the
// end-entity certificate, report it now.
if (deferredEndEntityError != 0) {
PR_SetError(deferredEndEntityError, 0);
return FatalError;
}
SECStatus srv = trustDomain.CheckRevocation(endEntityOrCA,
subject.GetNSSCert(),
n->cert, time,
stapledOCSPResponse);
if (srv != SECSuccess) {
return MapSECStatus(SECFailure);
}
// We found a trusted issuer. At this point, we know the cert is valid
return subject.PrependNSSCertToList(results.get());
}
if (rv != RecoverableError) {
return rv;
}
PRErrorCode currentError = PR_GetError();
switch (currentError) {
case 0:
PR_NOT_REACHED("Error code not set!");
PR_SetError(PR_INVALID_STATE_ERROR, 0);
return FatalError;
case SEC_ERROR_UNTRUSTED_CERT:
currentError = SEC_ERROR_UNTRUSTED_ISSUER;
break;
default:
break;
}
if (errorToReturn == 0) {
errorToReturn = currentError;
} else if (errorToReturn != currentError) {
errorToReturn = SEC_ERROR_UNKNOWN_ISSUER;
}
}
if (errorToReturn == 0) {
errorToReturn = SEC_ERROR_UNKNOWN_ISSUER;
}
return Fail(RecoverableError, errorToReturn);
}
/*
* Create a DER-encoded OCSP request (for the certificate whose nickname is
* "cert_name"), then get and dump a corresponding response. The responder
* location is either specified explicitly (as "responder_url") or found
* via the AuthorityInfoAccess URL in the cert.
*/
static SECStatus
dump_response (FILE *out_file, CERTCertDBHandle *handle, CERTCertificate *cert,
const char *responder_url)
{
CERTCertList *certs = NULL;
CERTCertificate *myCert = NULL;
char *loc = NULL;
PRTime now = PR_Now();
SECItem *response = NULL;
SECStatus rv = SECFailure;
PRBool includeServiceLocator;
if (handle == NULL || cert == NULL)
return rv;
myCert = CERT_DupCertificate(cert);
if (myCert == NULL)
goto loser;
if (responder_url != NULL) {
loc = (char *) responder_url;
includeServiceLocator = PR_TRUE;
} else {
loc = CERT_GetOCSPAuthorityInfoAccessLocation (cert);
if (loc == NULL)
goto loser;
includeServiceLocator = PR_FALSE;
}
/*
* We need to create a list of one.
*/
certs = CERT_NewCertList();
if (certs == NULL)
goto loser;
if (CERT_AddCertToListTail (certs, myCert) != SECSuccess)
goto loser;
/*
* Now that cert is included in the list, we need to be careful
* that we do not try to destroy it twice. This will prevent that.
*/
myCert = NULL;
response = CERT_GetEncodedOCSPResponse (NULL, certs, loc, now,
includeServiceLocator,
NULL, NULL, NULL);
if (response == NULL)
goto loser;
MAKE_FILE_BINARY(out_file);
if (fwrite (response->data, response->len, 1, out_file) != 1)
goto loser;
rv = SECSuccess;
loser:
if (response != NULL)
SECITEM_FreeItem (response, PR_TRUE);
if (certs != NULL)
CERT_DestroyCertList (certs);
if (myCert != NULL)
CERT_DestroyCertificate(myCert);
if (loc != NULL && loc != responder_url)
PORT_Free (loc);
return rv;
}
/*
* Create a DER-encoded OCSP request (for the certificate whose nickname
* is "name") and dump it out.
*/
static SECStatus
create_request (FILE *out_file, CERTCertDBHandle *handle, CERTCertificate *cert,
PRBool add_service_locator, PRBool add_acceptable_responses)
{
CERTCertList *certs = NULL;
CERTCertificate *myCert = NULL;
CERTOCSPRequest *request = NULL;
PRTime now = PR_Now();
SECItem *encoding = NULL;
SECStatus rv = SECFailure;
if (handle == NULL || cert == NULL)
return rv;
myCert = CERT_DupCertificate(cert);
if (myCert == NULL)
goto loser;
/*
* We need to create a list of one.
*/
certs = CERT_NewCertList();
if (certs == NULL)
goto loser;
if (CERT_AddCertToListTail (certs, myCert) != SECSuccess)
goto loser;
/*
* Now that cert is included in the list, we need to be careful
* that we do not try to destroy it twice. This will prevent that.
*/
myCert = NULL;
request = CERT_CreateOCSPRequest (certs, now, add_service_locator, NULL);
if (request == NULL)
goto loser;
if (add_acceptable_responses) {
rv = CERT_AddOCSPAcceptableResponses(request,
SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
if (rv != SECSuccess)
goto loser;
}
encoding = CERT_EncodeOCSPRequest (NULL, request, NULL);
if (encoding == NULL)
goto loser;
MAKE_FILE_BINARY(out_file);
if (fwrite (encoding->data, encoding->len, 1, out_file) != 1)
goto loser;
rv = SECSuccess;
loser:
if (encoding != NULL)
SECITEM_FreeItem(encoding, PR_TRUE);
if (request != NULL)
CERT_DestroyOCSPRequest(request);
if (certs != NULL)
CERT_DestroyCertList (certs);
if (myCert != NULL)
CERT_DestroyCertificate(myCert);
return rv;
}
nsresult
nsNSSCertificateDB::handleCACertDownload(nsIArray *x509Certs,
nsIInterfaceRequestor *ctx)
{
// First thing we have to do is figure out which certificate we're
// gonna present to the user. The CA may have sent down a list of
// certs which may or may not be a chained list of certs. Until
// the day we can design some solid UI for the general case, we'll
// code to the > 90% case. That case is where a CA sends down a
// list that is a hierarchy whose root is either the first or
// the last cert. What we're gonna do is compare the first
// 2 entries, if the second was signed by the first, we assume
// the root cert is the first cert and display it. Otherwise,
// we compare the last 2 entries, if the second to last cert was
// signed by the last cert, then we assume the last cert is the
// root and display it.
nsNSSShutDownPreventionLock locker;
PRUint32 numCerts;
x509Certs->GetLength(&numCerts);
NS_ASSERTION(numCerts > 0, "Didn't get any certs to import.");
if (numCerts == 0)
return NS_OK; // Nothing to import, so nothing to do.
nsCOMPtr<nsIX509Cert> certToShow;
nsCOMPtr<nsISupports> isupports;
PRUint32 selCertIndex;
if (numCerts == 1) {
// There's only one cert, so let's show it.
selCertIndex = 0;
certToShow = do_QueryElementAt(x509Certs, selCertIndex);
} else {
nsCOMPtr<nsIX509Cert> cert0; // first cert
nsCOMPtr<nsIX509Cert> cert1; // second cert
nsCOMPtr<nsIX509Cert> certn_2; // second to last cert
nsCOMPtr<nsIX509Cert> certn_1; // last cert
cert0 = do_QueryElementAt(x509Certs, 0);
cert1 = do_QueryElementAt(x509Certs, 1);
certn_2 = do_QueryElementAt(x509Certs, numCerts-2);
certn_1 = do_QueryElementAt(x509Certs, numCerts-1);
nsXPIDLString cert0SubjectName;
nsXPIDLString cert1IssuerName;
nsXPIDLString certn_2IssuerName;
nsXPIDLString certn_1SubjectName;
cert0->GetSubjectName(cert0SubjectName);
cert1->GetIssuerName(cert1IssuerName);
certn_2->GetIssuerName(certn_2IssuerName);
certn_1->GetSubjectName(certn_1SubjectName);
if (cert1IssuerName.Equals(cert0SubjectName)) {
// In this case, the first cert in the list signed the second,
// so the first cert is the root. Let's display it.
selCertIndex = 0;
certToShow = cert0;
} else
if (certn_2IssuerName.Equals(certn_1SubjectName)) {
// In this case the last cert has signed the second to last cert.
// The last cert is the root, so let's display it.
selCertIndex = numCerts-1;
certToShow = certn_1;
} else {
// It's not a chain, so let's just show the first one in the
// downloaded list.
selCertIndex = 0;
certToShow = cert0;
}
}
if (!certToShow)
return NS_ERROR_FAILURE;
nsCOMPtr<nsICertificateDialogs> dialogs;
nsresult rv = ::getNSSDialogs(getter_AddRefs(dialogs),
NS_GET_IID(nsICertificateDialogs),
NS_CERTIFICATEDIALOGS_CONTRACTID);
if (NS_FAILED(rv))
return rv;
SECItem der;
rv=certToShow->GetRawDER(&der.len, (PRUint8 **)&der.data);
if (NS_FAILED(rv))
return rv;
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("Creating temp cert\n"));
CERTCertificate *tmpCert;
CERTCertDBHandle *certdb = CERT_GetDefaultCertDB();
tmpCert = CERT_FindCertByDERCert(certdb, &der);
if (!tmpCert) {
tmpCert = CERT_NewTempCertificate(certdb, &der,
nsnull, PR_FALSE, PR_TRUE);
}
nsMemory::Free(der.data);
der.data = nsnull;
der.len = 0;
if (!tmpCert) {
NS_ERROR("Couldn't create cert from DER blob\n");
return NS_ERROR_FAILURE;
}
CERTCertificateCleaner tmpCertCleaner(tmpCert);
if (!CERT_IsCACert(tmpCert, NULL)) {
DisplayCertificateAlert(ctx, "NotACACert", certToShow);
return NS_ERROR_FAILURE;
}
if (tmpCert->isperm) {
DisplayCertificateAlert(ctx, "CaCertExists", certToShow);
return NS_ERROR_FAILURE;
}
PRUint32 trustBits;
PRBool allows;
rv = dialogs->ConfirmDownloadCACert(ctx, certToShow, &trustBits, &allows);
if (NS_FAILED(rv))
return rv;
if (!allows)
return NS_ERROR_NOT_AVAILABLE;
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("trust is %d\n", trustBits));
nsXPIDLCString nickname;
nickname.Adopt(CERT_MakeCANickname(tmpCert));
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("Created nick \"%s\"\n", nickname.get()));
nsNSSCertTrust trust;
trust.SetValidCA();
trust.AddCATrust(!!(trustBits & nsIX509CertDB::TRUSTED_SSL),
!!(trustBits & nsIX509CertDB::TRUSTED_EMAIL),
!!(trustBits & nsIX509CertDB::TRUSTED_OBJSIGN));
SECStatus srv = CERT_AddTempCertToPerm(tmpCert,
const_cast<char*>(nickname.get()),
trust.GetTrust());
if (srv != SECSuccess)
return NS_ERROR_FAILURE;
// Import additional delivered certificates that can be verified.
// build a CertList for filtering
CERTCertList *certList = CERT_NewCertList();
if (certList == NULL) {
return NS_ERROR_FAILURE;
}
CERTCertListCleaner listCleaner(certList);
// get all remaining certs into temp store
for (PRUint32 i=0; i<numCerts; i++) {
if (i == selCertIndex) {
// we already processed that one
continue;
}
certToShow = do_QueryElementAt(x509Certs, i);
certToShow->GetRawDER(&der.len, (PRUint8 **)&der.data);
CERTCertificate *tmpCert2 =
CERT_NewTempCertificate(certdb, &der, nsnull, PR_FALSE, PR_TRUE);
nsMemory::Free(der.data);
der.data = nsnull;
der.len = 0;
if (!tmpCert2) {
NS_ASSERTION(0, "Couldn't create temp cert from DER blob\n");
continue; // Let's try to import the rest of 'em
}
CERT_AddCertToListTail(certList, tmpCert2);
}
return ImportValidCACertsInList(certList, ctx);
}
nsresult
VerifyCMSDetachedSignatureIncludingCertificate(
const SECItem& buffer, const SECItem& detachedDigest,
nsresult (*verifyCertificate)(CERTCertificate* cert, void* context,
void* pinArg),
void *verifyCertificateContext, void* pinArg)
{
// XXX: missing pinArg is tolerated.
if (NS_WARN_IF(!buffer.data && buffer.len > 0) ||
NS_WARN_IF(!detachedDigest.data && detachedDigest.len > 0) ||
(!verifyCertificate) ||
NS_WARN_IF(!verifyCertificateContext)) {
return NS_ERROR_INVALID_ARG;
}
ScopedNSSCMSMessage
cmsMsg(NSS_CMSMessage_CreateFromDER(const_cast<SECItem*>(&buffer), nullptr,
nullptr, nullptr, nullptr, nullptr,
nullptr));
if (!cmsMsg) {
return NS_ERROR_CMS_VERIFY_ERROR_PROCESSING;
}
if (!NSS_CMSMessage_IsSigned(cmsMsg.get())) {
return NS_ERROR_CMS_VERIFY_NOT_SIGNED;
}
NSSCMSContentInfo* cinfo = NSS_CMSMessage_ContentLevel(cmsMsg.get(), 0);
if (!cinfo) {
return NS_ERROR_CMS_VERIFY_NO_CONTENT_INFO;
}
// signedData is non-owning
NSSCMSSignedData* signedData =
reinterpret_cast<NSSCMSSignedData*>(NSS_CMSContentInfo_GetContent(cinfo));
if (!signedData) {
return NS_ERROR_CMS_VERIFY_NO_CONTENT_INFO;
}
// Set digest value.
if (NSS_CMSSignedData_SetDigestValue(signedData, SEC_OID_SHA1,
const_cast<SECItem*>(&detachedDigest))) {
return NS_ERROR_CMS_VERIFY_BAD_DIGEST;
}
// Parse the certificates into CERTCertificate objects held in memory so
// verifyCertificate will be able to find them during path building.
ScopedCERTCertList certs(CERT_NewCertList());
if (!certs) {
return NS_ERROR_OUT_OF_MEMORY;
}
if (signedData->rawCerts) {
for (size_t i = 0; signedData->rawCerts[i]; ++i) {
ScopedCERTCertificate
cert(CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
signedData->rawCerts[i], nullptr, false,
true));
// Skip certificates that fail to parse
if (cert) {
if (CERT_AddCertToListTail(certs.get(), cert.get()) == SECSuccess) {
cert.forget(); // ownership transfered
} else {
return NS_ERROR_OUT_OF_MEMORY;
}
}
}
}
// Get the end-entity certificate.
int numSigners = NSS_CMSSignedData_SignerInfoCount(signedData);
if (NS_WARN_IF(numSigners != 1)) {
return NS_ERROR_CMS_VERIFY_ERROR_PROCESSING;
}
// signer is non-owning.
NSSCMSSignerInfo* signer = NSS_CMSSignedData_GetSignerInfo(signedData, 0);
if (NS_WARN_IF(!signer)) {
return NS_ERROR_CMS_VERIFY_ERROR_PROCESSING;
}
CERTCertificate* signerCert =
NSS_CMSSignerInfo_GetSigningCertificate(signer, CERT_GetDefaultCertDB());
if (!signerCert) {
return NS_ERROR_CMS_VERIFY_ERROR_PROCESSING;
}
nsresult rv = verifyCertificate(signerCert, verifyCertificateContext, pinArg);
if (NS_WARN_IF(NS_FAILED(rv))) {
return rv;
}
// See NSS_CMSContentInfo_GetContentTypeOID, which isn't exported from NSS.
SECOidData* contentTypeOidData =
SECOID_FindOID(&signedData->contentInfo.contentType);
if (!contentTypeOidData) {
return NS_ERROR_CMS_VERIFY_ERROR_PROCESSING;
}
return MapSECStatus(NSS_CMSSignerInfo_Verify(signer,
const_cast<SECItem*>(&detachedDigest),
&contentTypeOidData->oid));
}
/*
* [noscript] void importEmailCertificates(in charPtr data, in unsigned long length,
* in nsIInterfaceRequestor ctx);
*/
NS_IMETHODIMP
nsNSSCertificateDB::ImportEmailCertificate(PRUint8 * data, PRUint32 length,
nsIInterfaceRequestor *ctx)
{
nsNSSShutDownPreventionLock locker;
SECStatus srv = SECFailure;
nsresult nsrv = NS_OK;
CERTCertDBHandle *certdb;
CERTCertificate **certArray = NULL;
CERTCertList *certList = NULL;
CERTCertListNode *node;
PRTime now;
SECCertUsage certusage;
SECItem **rawArray;
int numcerts;
int i;
PRArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
if (!arena)
return NS_ERROR_OUT_OF_MEMORY;
CERTDERCerts *certCollection = getCertsFromPackage(arena, data, length);
if (!certCollection) {
PORT_FreeArena(arena, PR_FALSE);
return NS_ERROR_FAILURE;
}
certdb = CERT_GetDefaultCertDB();
certusage = certUsageEmailRecipient;
numcerts = certCollection->numcerts;
rawArray = (SECItem **) PORT_Alloc(sizeof(SECItem *) * numcerts);
if ( !rawArray ) {
nsrv = NS_ERROR_FAILURE;
goto loser;
}
for (i=0; i < numcerts; i++) {
rawArray[i] = &certCollection->rawCerts[i];
}
srv = CERT_ImportCerts(certdb, certusage, numcerts, rawArray,
&certArray, PR_FALSE, PR_FALSE, NULL);
PORT_Free(rawArray);
rawArray = NULL;
if (srv != SECSuccess) {
nsrv = NS_ERROR_FAILURE;
goto loser;
}
// build a CertList for filtering
certList = CERT_NewCertList();
if (certList == NULL) {
nsrv = NS_ERROR_FAILURE;
goto loser;
}
for (i=0; i < numcerts; i++) {
CERTCertificate *cert = certArray[i];
if (cert)
cert = CERT_DupCertificate(cert);
if (cert)
CERT_AddCertToListTail(certList, cert);
}
/* go down the remaining list of certs and verify that they have
* valid chains, then import them.
*/
now = PR_Now();
for (node = CERT_LIST_HEAD(certList);
!CERT_LIST_END(node,certList);
node = CERT_LIST_NEXT(node)) {
bool alert_and_skip = false;
if (!node->cert) {
continue;
}
if (CERT_VerifyCert(certdb, node->cert,
PR_TRUE, certusage, now, ctx, NULL) != SECSuccess) {
alert_and_skip = true;
}
CERTCertificateList *certChain = nsnull;
CERTCertificateListCleaner chainCleaner(certChain);
if (!alert_and_skip) {
certChain = CERT_CertChainFromCert(node->cert, certusage, PR_FALSE);
if (!certChain) {
alert_and_skip = true;
}
}
if (alert_and_skip) {
nsCOMPtr<nsIX509Cert> certToShow = new nsNSSCertificate(node->cert);
DisplayCertificateAlert(ctx, "NotImportingUnverifiedCert", certToShow);
continue;
}
/*
* CertChain returns an array of SECItems, import expects an array of
* SECItem pointers. Create the SECItem Pointers from the array of
* SECItems.
*/
rawArray = (SECItem **) PORT_Alloc(certChain->len * sizeof(SECItem *));
if (!rawArray) {
continue;
}
for (i=0; i < certChain->len; i++) {
rawArray[i] = &certChain->certs[i];
}
CERT_ImportCerts(certdb, certusage, certChain->len,
rawArray, NULL, PR_TRUE, PR_FALSE, NULL);
CERT_SaveSMimeProfile(node->cert, NULL, NULL);
PORT_Free(rawArray);
}
loser:
if (certArray) {
CERT_DestroyCertArray(certArray, numcerts);
}
if (certList) {
CERT_DestroyCertList(certList);
}
if (arena)
PORT_FreeArena(arena, PR_TRUE);
return nsrv;
}
CERTCertList *
CERT_CreateSubjectCertList(CERTCertList *certList, CERTCertDBHandle *handle,
const SECItem *name, PRTime sorttime,
PRBool validOnly)
{
NSSCryptoContext *cc;
NSSCertificate **tSubjectCerts, **pSubjectCerts;
NSSCertificate **ci;
CERTCertificate *cert;
NSSDER subject;
PRBool myList = PR_FALSE;
cc = STAN_GetDefaultCryptoContext();
NSSITEM_FROM_SECITEM(&subject, name);
/* Collect both temp and perm certs for the subject */
tSubjectCerts =
NSSCryptoContext_FindCertificatesBySubject(cc, &subject, NULL, 0, NULL);
pSubjectCerts = NSSTrustDomain_FindCertificatesBySubject(handle, &subject,
NULL, 0, NULL);
if (!tSubjectCerts && !pSubjectCerts) {
return NULL;
}
if (certList == NULL) {
certList = CERT_NewCertList();
myList = PR_TRUE;
if (!certList)
goto loser;
}
/* Iterate over the matching temp certs. Add them to the list */
ci = tSubjectCerts;
while (ci && *ci) {
cert = STAN_GetCERTCertificateOrRelease(*ci);
/* *ci may be invalid at this point, don't reference it again */
if (cert) {
/* NOTE: add_to_subject_list adopts the incoming cert. */
add_to_subject_list(certList, cert, validOnly, sorttime);
}
ci++;
}
/* Iterate over the matching perm certs. Add them to the list */
ci = pSubjectCerts;
while (ci && *ci) {
cert = STAN_GetCERTCertificateOrRelease(*ci);
/* *ci may be invalid at this point, don't reference it again */
if (cert) {
/* NOTE: add_to_subject_list adopts the incoming cert. */
add_to_subject_list(certList, cert, validOnly, sorttime);
}
ci++;
}
/* all the references have been adopted or freed at this point, just
* free the arrays now */
nss_ZFreeIf(tSubjectCerts);
nss_ZFreeIf(pSubjectCerts);
return certList;
loser:
/* need to free the references in tSubjectCerts and pSubjectCerts! */
nssCertificateArray_Destroy(tSubjectCerts);
nssCertificateArray_Destroy(pSubjectCerts);
if (myList && certList != NULL) {
CERT_DestroyCertList(certList);
}
return NULL;
}
SECStatus
NSS_CMSSignedData_ImportCerts(NSSCMSSignedData *sigd, CERTCertDBHandle *certdb,
SECCertUsage certusage, PRBool keepcerts)
{
int certcount;
CERTCertificate **certArray = NULL;
CERTCertList *certList = NULL;
CERTCertListNode *node;
SECStatus rv;
SECItem **rawArray;
int i;
PRTime now;
if (!sigd) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
certcount = NSS_CMSArray_Count((void **)sigd->rawCerts);
/* get the certs in the temp DB */
rv = CERT_ImportCerts(certdb, certusage, certcount, sigd->rawCerts,
&certArray, PR_FALSE, PR_FALSE, NULL);
if (rv != SECSuccess) {
goto loser;
}
/* save the certs so they don't get destroyed */
for (i = 0; i < certcount; i++) {
CERTCertificate *cert = certArray[i];
if (cert)
NSS_CMSSignedData_AddTempCertificate(sigd, cert);
}
if (!keepcerts) {
goto done;
}
/* build a CertList for filtering */
certList = CERT_NewCertList();
if (certList == NULL) {
rv = SECFailure;
goto loser;
}
for (i = 0; i < certcount; i++) {
CERTCertificate *cert = certArray[i];
if (cert)
cert = CERT_DupCertificate(cert);
if (cert)
CERT_AddCertToListTail(certList, cert);
}
/* filter out the certs we don't want */
rv = CERT_FilterCertListByUsage(certList, certusage, PR_FALSE);
if (rv != SECSuccess) {
goto loser;
}
/* go down the remaining list of certs and verify that they have
* valid chains, then import them.
*/
now = PR_Now();
for (node = CERT_LIST_HEAD(certList); !CERT_LIST_END(node, certList);
node = CERT_LIST_NEXT(node)) {
CERTCertificateList *certChain;
if (CERT_VerifyCert(certdb, node->cert,
PR_TRUE, certusage, now, NULL, NULL) != SECSuccess) {
continue;
}
certChain = CERT_CertChainFromCert(node->cert, certusage, PR_FALSE);
if (!certChain) {
continue;
}
/*
* CertChain returns an array of SECItems, import expects an array of
* SECItem pointers. Create the SECItem Pointers from the array of
* SECItems.
*/
rawArray = (SECItem **)PORT_Alloc(certChain->len * sizeof(SECItem *));
if (!rawArray) {
CERT_DestroyCertificateList(certChain);
continue;
}
for (i = 0; i < certChain->len; i++) {
rawArray[i] = &certChain->certs[i];
}
(void)CERT_ImportCerts(certdb, certusage, certChain->len,
rawArray, NULL, keepcerts, PR_FALSE, NULL);
PORT_Free(rawArray);
CERT_DestroyCertificateList(certChain);
}
rv = SECSuccess;
/* XXX CRL handling */
done:
if (sigd->signerInfos != NULL) {
/* fill in all signerinfo's certs */
for (i = 0; sigd->signerInfos[i] != NULL; i++)
(void)NSS_CMSSignerInfo_GetSigningCertificate(
sigd->signerInfos[i], certdb);
}
loser:
/* now free everything */
if (certArray) {
CERT_DestroyCertArray(certArray, certcount);
}
if (certList) {
CERT_DestroyCertList(certList);
}
return rv;
}
SECStatus
CertVerifier::VerifyCert(CERTCertificate* cert, SECCertificateUsage usage,
Time time, void* pinArg, const char* hostname,
const Flags flags,
/*optional*/ const SECItem* stapledOCSPResponseSECItem,
/*optional out*/ ScopedCERTCertList* builtChain,
/*optional out*/ SECOidTag* evOidPolicy,
/*optional out*/ OCSPStaplingStatus* ocspStaplingStatus,
/*optional out*/ KeySizeStatus* keySizeStatus)
{
PR_LOG(gCertVerifierLog, PR_LOG_DEBUG, ("Top of VerifyCert\n"));
PR_ASSERT(cert);
PR_ASSERT(usage == certificateUsageSSLServer || !(flags & FLAG_MUST_BE_EV));
PR_ASSERT(usage == certificateUsageSSLServer || !keySizeStatus);
if (builtChain) {
*builtChain = nullptr;
}
if (evOidPolicy) {
*evOidPolicy = SEC_OID_UNKNOWN;
}
if (ocspStaplingStatus) {
if (usage != certificateUsageSSLServer) {
PR_SetError(SEC_ERROR_INVALID_ARGS, 0);
return SECFailure;
}
*ocspStaplingStatus = OCSP_STAPLING_NEVER_CHECKED;
}
if (keySizeStatus) {
if (usage != certificateUsageSSLServer) {
PR_SetError(SEC_ERROR_INVALID_ARGS, 0);
return SECFailure;
}
*keySizeStatus = KeySizeStatus::NeverChecked;
}
if (!cert ||
(usage != certificateUsageSSLServer && (flags & FLAG_MUST_BE_EV))) {
PR_SetError(SEC_ERROR_INVALID_ARGS, 0);
return SECFailure;
}
Result rv;
Input certDER;
rv = certDER.Init(cert->derCert.data, cert->derCert.len);
if (rv != Success) {
PR_SetError(MapResultToPRErrorCode(rv), 0);
return SECFailure;
}
NSSCertDBTrustDomain::OCSPFetching ocspFetching
= !mOCSPDownloadEnabled ||
(flags & FLAG_LOCAL_ONLY) ? NSSCertDBTrustDomain::NeverFetchOCSP
: !mOCSPStrict ? NSSCertDBTrustDomain::FetchOCSPForDVSoftFail
: NSSCertDBTrustDomain::FetchOCSPForDVHardFail;
OcspGetConfig ocspGETConfig = mOCSPGETEnabled ? ocspGetEnabled
: ocspGetDisabled;
Input stapledOCSPResponseInput;
const Input* stapledOCSPResponse = nullptr;
if (stapledOCSPResponseSECItem) {
rv = stapledOCSPResponseInput.Init(stapledOCSPResponseSECItem->data,
stapledOCSPResponseSECItem->len);
if (rv != Success) {
// The stapled OCSP response was too big.
PR_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE, 0);
return SECFailure;
}
stapledOCSPResponse = &stapledOCSPResponseInput;
}
switch (usage) {
case certificateUsageSSLClient: {
// XXX: We don't really have a trust bit for SSL client authentication so
// just use trustEmail as it is the closest alternative.
NSSCertDBTrustDomain trustDomain(trustEmail, ocspFetching, mOCSPCache,
pinArg, ocspGETConfig, pinningDisabled,
MINIMUM_NON_ECC_BITS_WEAK, nullptr,
builtChain);
rv = BuildCertChain(trustDomain, certDER, time,
EndEntityOrCA::MustBeEndEntity,
KeyUsage::digitalSignature,
KeyPurposeId::id_kp_clientAuth,
CertPolicyId::anyPolicy, stapledOCSPResponse);
break;
}
case certificateUsageSSLServer: {
// TODO: When verifying a certificate in an SSL handshake, we should
// restrict the acceptable key usage based on the key exchange method
// chosen by the server.
#ifndef MOZ_NO_EV_CERTS
// Try to validate for EV first.
CertPolicyId evPolicy;
SECOidTag evPolicyOidTag;
SECStatus srv = GetFirstEVPolicy(cert, evPolicy, evPolicyOidTag);
if (srv == SECSuccess) {
NSSCertDBTrustDomain
trustDomain(trustSSL,
ocspFetching == NSSCertDBTrustDomain::NeverFetchOCSP
? NSSCertDBTrustDomain::LocalOnlyOCSPForEV
: NSSCertDBTrustDomain::FetchOCSPForEV,
mOCSPCache, pinArg, ocspGETConfig, mPinningMode,
MINIMUM_NON_ECC_BITS, hostname, builtChain);
rv = BuildCertChainForOneKeyUsage(trustDomain, certDER, time,
KeyUsage::digitalSignature,// (EC)DHE
KeyUsage::keyEncipherment, // RSA
KeyUsage::keyAgreement, // (EC)DH
KeyPurposeId::id_kp_serverAuth,
evPolicy, stapledOCSPResponse,
ocspStaplingStatus);
if (rv == Success) {
if (evOidPolicy) {
*evOidPolicy = evPolicyOidTag;
}
break;
}
}
#endif
if (flags & FLAG_MUST_BE_EV) {
rv = Result::ERROR_POLICY_VALIDATION_FAILED;
break;
}
// Now try non-EV.
NSSCertDBTrustDomain trustDomain(trustSSL, ocspFetching, mOCSPCache,
pinArg, ocspGETConfig, mPinningMode,
MINIMUM_NON_ECC_BITS, hostname,
builtChain);
rv = BuildCertChainForOneKeyUsage(trustDomain, certDER, time,
KeyUsage::digitalSignature, // (EC)DHE
KeyUsage::keyEncipherment, // RSA
KeyUsage::keyAgreement, // (EC)DH
KeyPurposeId::id_kp_serverAuth,
CertPolicyId::anyPolicy,
stapledOCSPResponse,
ocspStaplingStatus);
if (rv == Success) {
if (keySizeStatus) {
*keySizeStatus = KeySizeStatus::LargeMinimumSucceeded;
}
break;
}
// If that failed, try again with a smaller minimum key size.
NSSCertDBTrustDomain trustDomainWeak(trustSSL, ocspFetching, mOCSPCache,
pinArg, ocspGETConfig, mPinningMode,
MINIMUM_NON_ECC_BITS_WEAK, hostname,
builtChain);
rv = BuildCertChainForOneKeyUsage(trustDomainWeak, certDER, time,
KeyUsage::digitalSignature, // (EC)DHE
KeyUsage::keyEncipherment, // RSA
KeyUsage::keyAgreement, // (EC)DH
KeyPurposeId::id_kp_serverAuth,
CertPolicyId::anyPolicy,
stapledOCSPResponse,
ocspStaplingStatus);
if (keySizeStatus) {
if (rv == Success) {
*keySizeStatus = KeySizeStatus::CompatibilityRisk;
} else {
*keySizeStatus = KeySizeStatus::AlreadyBad;
}
}
break;
}
case certificateUsageSSLCA: {
NSSCertDBTrustDomain trustDomain(trustSSL, ocspFetching, mOCSPCache,
pinArg, ocspGETConfig, pinningDisabled,
MINIMUM_NON_ECC_BITS_WEAK, nullptr,
builtChain);
rv = BuildCertChain(trustDomain, certDER, time,
EndEntityOrCA::MustBeCA, KeyUsage::keyCertSign,
KeyPurposeId::id_kp_serverAuth,
CertPolicyId::anyPolicy, stapledOCSPResponse);
break;
}
case certificateUsageEmailSigner: {
NSSCertDBTrustDomain trustDomain(trustEmail, ocspFetching, mOCSPCache,
pinArg, ocspGETConfig, pinningDisabled,
MINIMUM_NON_ECC_BITS_WEAK, nullptr,
builtChain);
rv = BuildCertChain(trustDomain, certDER, time,
EndEntityOrCA::MustBeEndEntity,
KeyUsage::digitalSignature,
KeyPurposeId::id_kp_emailProtection,
CertPolicyId::anyPolicy, stapledOCSPResponse);
if (rv == Result::ERROR_INADEQUATE_KEY_USAGE) {
rv = BuildCertChain(trustDomain, certDER, time,
EndEntityOrCA::MustBeEndEntity,
KeyUsage::nonRepudiation,
KeyPurposeId::id_kp_emailProtection,
CertPolicyId::anyPolicy, stapledOCSPResponse);
}
break;
}
case certificateUsageEmailRecipient: {
// TODO: The higher level S/MIME processing should pass in which key
// usage it is trying to verify for, and base its algorithm choices
// based on the result of the verification(s).
NSSCertDBTrustDomain trustDomain(trustEmail, ocspFetching, mOCSPCache,
pinArg, ocspGETConfig, pinningDisabled,
MINIMUM_NON_ECC_BITS_WEAK, nullptr,
builtChain);
rv = BuildCertChain(trustDomain, certDER, time,
EndEntityOrCA::MustBeEndEntity,
KeyUsage::keyEncipherment, // RSA
KeyPurposeId::id_kp_emailProtection,
CertPolicyId::anyPolicy, stapledOCSPResponse);
if (rv == Result::ERROR_INADEQUATE_KEY_USAGE) {
rv = BuildCertChain(trustDomain, certDER, time,
EndEntityOrCA::MustBeEndEntity,
KeyUsage::keyAgreement, // ECDH/DH
KeyPurposeId::id_kp_emailProtection,
CertPolicyId::anyPolicy, stapledOCSPResponse);
}
break;
}
case certificateUsageObjectSigner: {
NSSCertDBTrustDomain trustDomain(trustObjectSigning, ocspFetching,
mOCSPCache, pinArg, ocspGETConfig,
pinningDisabled,
MINIMUM_NON_ECC_BITS_WEAK, nullptr,
builtChain);
rv = BuildCertChain(trustDomain, certDER, time,
EndEntityOrCA::MustBeEndEntity,
KeyUsage::digitalSignature,
KeyPurposeId::id_kp_codeSigning,
CertPolicyId::anyPolicy, stapledOCSPResponse);
break;
}
case certificateUsageVerifyCA:
case certificateUsageStatusResponder: {
// XXX This is a pretty useless way to verify a certificate. It is used
// by the certificate viewer UI. Because we don't know what trust bit is
// interesting, we just try them all.
mozilla::pkix::EndEntityOrCA endEntityOrCA;
mozilla::pkix::KeyUsage keyUsage;
KeyPurposeId eku;
if (usage == certificateUsageVerifyCA) {
endEntityOrCA = EndEntityOrCA::MustBeCA;
keyUsage = KeyUsage::keyCertSign;
eku = KeyPurposeId::anyExtendedKeyUsage;
} else {
endEntityOrCA = EndEntityOrCA::MustBeEndEntity;
keyUsage = KeyUsage::digitalSignature;
eku = KeyPurposeId::id_kp_OCSPSigning;
}
NSSCertDBTrustDomain sslTrust(trustSSL, ocspFetching, mOCSPCache, pinArg,
ocspGETConfig, pinningDisabled,
MINIMUM_NON_ECC_BITS_WEAK, nullptr,
builtChain);
rv = BuildCertChain(sslTrust, certDER, time, endEntityOrCA,
keyUsage, eku, CertPolicyId::anyPolicy,
stapledOCSPResponse);
if (rv == Result::ERROR_UNKNOWN_ISSUER) {
NSSCertDBTrustDomain emailTrust(trustEmail, ocspFetching, mOCSPCache,
pinArg, ocspGETConfig, pinningDisabled,
MINIMUM_NON_ECC_BITS_WEAK, nullptr,
builtChain);
rv = BuildCertChain(emailTrust, certDER, time, endEntityOrCA,
keyUsage, eku, CertPolicyId::anyPolicy,
stapledOCSPResponse);
if (rv == Result::ERROR_UNKNOWN_ISSUER) {
NSSCertDBTrustDomain objectSigningTrust(trustObjectSigning,
ocspFetching, mOCSPCache,
pinArg, ocspGETConfig,
pinningDisabled,
MINIMUM_NON_ECC_BITS_WEAK,
nullptr, builtChain);
rv = BuildCertChain(objectSigningTrust, certDER, time,
endEntityOrCA, keyUsage, eku,
CertPolicyId::anyPolicy, stapledOCSPResponse);
}
}
break;
}
default:
rv = Result::FATAL_ERROR_INVALID_ARGS;
}
if (rv != Success) {
if (rv != Result::ERROR_KEY_PINNING_FAILURE &&
usage == certificateUsageSSLServer) {
ScopedCERTCertificate certCopy(CERT_DupCertificate(cert));
if (!certCopy) {
return SECFailure;
}
ScopedCERTCertList certList(CERT_NewCertList());
if (!certList) {
return SECFailure;
}
SECStatus srv = CERT_AddCertToListTail(certList.get(), certCopy.get());
if (srv != SECSuccess) {
return SECFailure;
}
certCopy.forget(); // now owned by certList
Result pinningResult = CertListContainsExpectedKeys(certList, hostname,
time, mPinningMode);
if (pinningResult != Success) {
rv = pinningResult;
}
}
PR_SetError(MapResultToPRErrorCode(rv), 0);
return SECFailure;
}
return SECSuccess;
}
// Recursively build the path from the given subject certificate to the root.
//
// Be very careful about changing the order of checks. The order is significant
// because it affects which error we return when a certificate or certificate
// chain has multiple problems. See the error ranking documentation in
// pkix/pkix.h.
static Result
BuildForward(TrustDomain& trustDomain,
BackCert& subject,
PRTime time,
EndEntityOrCA endEntityOrCA,
KeyUsages requiredKeyUsagesIfPresent,
KeyPurposeId requiredEKUIfPresent,
const CertPolicyId& requiredPolicy,
/*optional*/ const SECItem* stapledOCSPResponse,
unsigned int subCACount,
/*out*/ ScopedCERTCertList& results)
{
Result rv;
TrustLevel trustLevel;
// If this is an end-entity and not a trust anchor, we defer reporting
// any error found here until after attempting to find a valid chain.
// See the explanation of error prioritization in pkix.h.
rv = CheckIssuerIndependentProperties(trustDomain, subject, time,
endEntityOrCA,
requiredKeyUsagesIfPresent,
requiredEKUIfPresent, requiredPolicy,
subCACount, &trustLevel);
PRErrorCode deferredEndEntityError = 0;
if (rv != Success) {
if (endEntityOrCA == EndEntityOrCA::MustBeEndEntity &&
trustLevel != TrustLevel::TrustAnchor) {
deferredEndEntityError = PR_GetError();
} else {
return rv;
}
}
if (trustLevel == TrustLevel::TrustAnchor) {
// End of the recursion.
// Construct the results cert chain.
results = CERT_NewCertList();
if (!results) {
return MapSECStatus(SECFailure);
}
for (BackCert* cert = &subject; cert; cert = cert->childCert) {
CERTCertificate* dup = CERT_DupCertificate(cert->GetNSSCert());
if (CERT_AddCertToListHead(results.get(), dup) != SECSuccess) {
CERT_DestroyCertificate(dup);
return MapSECStatus(SECFailure);
}
// dup is now owned by results.
}
// This must be done here, after the chain is built but before any
// revocation checks have been done.
SECStatus srv = trustDomain.IsChainValid(results.get());
if (srv != SECSuccess) {
return MapSECStatus(srv);
}
return Success;
}
if (endEntityOrCA == EndEntityOrCA::MustBeCA) {
// Avoid stack overflows and poor performance by limiting cert chain
// length.
static const unsigned int MAX_SUBCA_COUNT = 6;
if (subCACount >= MAX_SUBCA_COUNT) {
return Fail(RecoverableError, SEC_ERROR_UNKNOWN_ISSUER);
}
++subCACount;
} else {
PR_ASSERT(subCACount == 0);
}
// Find a trusted issuer.
// TODO(bug 965136): Add SKI/AKI matching optimizations
ScopedCERTCertList candidates;
if (trustDomain.FindPotentialIssuers(&subject.GetNSSCert()->derIssuer, time,
candidates) != SECSuccess) {
return MapSECStatus(SECFailure);
}
if (!candidates) {
return Fail(RecoverableError, SEC_ERROR_UNKNOWN_ISSUER);
}
PRErrorCode errorToReturn = 0;
for (CERTCertListNode* n = CERT_LIST_HEAD(candidates);
!CERT_LIST_END(n, candidates); n = CERT_LIST_NEXT(n)) {
rv = BuildForwardInner(trustDomain, subject, time, requiredEKUIfPresent,
requiredPolicy, n->cert->derCert, subCACount,
results);
if (rv == Success) {
// If we found a valid chain but deferred reporting an error with the
// end-entity certificate, report it now.
if (deferredEndEntityError != 0) {
return Fail(FatalError, deferredEndEntityError);
}
SECStatus srv = trustDomain.CheckRevocation(endEntityOrCA,
subject.GetNSSCert(),
n->cert, time,
stapledOCSPResponse);
if (srv != SECSuccess) {
return MapSECStatus(SECFailure);
}
// We found a trusted issuer. At this point, we know the cert is valid
// and results contains the complete cert chain.
return Success;
}
if (rv != RecoverableError) {
return rv;
}
PRErrorCode currentError = PR_GetError();
switch (currentError) {
case 0:
PR_NOT_REACHED("Error code not set!");
return Fail(FatalError, PR_INVALID_STATE_ERROR);
case SEC_ERROR_UNTRUSTED_CERT:
currentError = SEC_ERROR_UNTRUSTED_ISSUER;
break;
default:
break;
}
if (errorToReturn == 0) {
errorToReturn = currentError;
} else if (errorToReturn != currentError) {
errorToReturn = SEC_ERROR_UNKNOWN_ISSUER;
}
}
if (errorToReturn == 0) {
errorToReturn = SEC_ERROR_UNKNOWN_ISSUER;
}
return Fail(RecoverableError, errorToReturn);
}