mirror of
https://github.com/klzgrad/naiveproxy.git
synced 2024-12-01 09:46:09 +03:00
242 lines
8.4 KiB
C++
242 lines
8.4 KiB
C++
// Copyright 2015 The Chromium Authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style license that can be
|
|
// found in the LICENSE file.
|
|
|
|
#ifndef NET_CERT_INTERNAL_VERIFY_CERTIFICATE_CHAIN_H_
|
|
#define NET_CERT_INTERNAL_VERIFY_CERTIFICATE_CHAIN_H_
|
|
|
|
#include <set>
|
|
|
|
#include "base/compiler_specific.h"
|
|
#include "base/memory/ref_counted.h"
|
|
#include "net/base/net_export.h"
|
|
#include "net/cert/internal/cert_errors.h"
|
|
#include "net/cert/internal/parsed_certificate.h"
|
|
#include "net/der/input.h"
|
|
#include "third_party/boringssl/src/include/openssl/evp.h"
|
|
|
|
namespace net {
|
|
|
|
namespace der {
|
|
struct GeneralizedTime;
|
|
}
|
|
|
|
struct CertificateTrust;
|
|
|
|
// The key purpose (extended key usage) to check for during verification.
|
|
enum class KeyPurpose {
|
|
ANY_EKU,
|
|
SERVER_AUTH,
|
|
CLIENT_AUTH,
|
|
};
|
|
|
|
enum class InitialExplicitPolicy {
|
|
kFalse,
|
|
kTrue,
|
|
};
|
|
|
|
enum class InitialPolicyMappingInhibit {
|
|
kFalse,
|
|
kTrue,
|
|
};
|
|
|
|
enum class InitialAnyPolicyInhibit {
|
|
kFalse,
|
|
kTrue,
|
|
};
|
|
|
|
// VerifyCertificateChainDelegate exposes delegate methods used when verifying a
|
|
// chain.
|
|
class NET_EXPORT VerifyCertificateChainDelegate {
|
|
public:
|
|
// Implementations should return true if |signature_algorithm| is allowed for
|
|
// certificate signing, false otherwise. When returning false implementations
|
|
// can optionally add high-severity errors to |errors| with details on why it
|
|
// was rejected.
|
|
virtual bool IsSignatureAlgorithmAcceptable(
|
|
const SignatureAlgorithm& signature_algorithm,
|
|
CertErrors* errors) = 0;
|
|
|
|
// Implementations should return true if |public_key| is acceptable. This is
|
|
// called for each certificate in the chain, including the target certificate.
|
|
// When returning false implementations can optionally add high-severity
|
|
// errors to |errors| with details on why it was rejected.
|
|
//
|
|
// |public_key| can be assumed to be non-null.
|
|
virtual bool IsPublicKeyAcceptable(EVP_PKEY* public_key,
|
|
CertErrors* errors) = 0;
|
|
|
|
virtual ~VerifyCertificateChainDelegate();
|
|
};
|
|
|
|
// VerifyCertificateChain() verifies an ordered certificate path in accordance
|
|
// with RFC 5280's "Certification Path Validation" algorithm (section 6).
|
|
//
|
|
// -----------------------------------------
|
|
// Deviations from RFC 5280
|
|
// -----------------------------------------
|
|
//
|
|
// * If Extended Key Usage appears on intermediates, it is treated as
|
|
// a restriction on subordinate certificates.
|
|
//
|
|
// -----------------------------------------
|
|
// Additional responsibilities of the caller
|
|
// -----------------------------------------
|
|
//
|
|
// After successful path verification, the caller is responsible for
|
|
// subsequently checking:
|
|
//
|
|
// * The end-entity's KeyUsage before using its SPKI.
|
|
// * The end-entity's name/subjectAltName. Name constraints from intermediates
|
|
// will have already been applied, so it is sufficient to check the
|
|
// end-entity for a match.
|
|
//
|
|
// ---------
|
|
// Inputs
|
|
// ---------
|
|
//
|
|
// certs:
|
|
// A non-empty chain of DER-encoded certificates, listed in the
|
|
// "forward" direction. The first certificate is the target
|
|
// certificate to verify, and the last certificate has trustedness
|
|
// given by |last_cert_trust| (generally a trust anchor).
|
|
//
|
|
// * certs[0] is the target certificate to verify.
|
|
// * certs[i+1] holds the certificate that issued cert_chain[i].
|
|
// * certs[N-1] the root certificate
|
|
//
|
|
// Note that THIS IS NOT identical in meaning to the same named
|
|
// "certs" input defined in RFC 5280 section 6.1.1.a. The differences
|
|
// are:
|
|
//
|
|
// * The order of certificates is reversed
|
|
// * In RFC 5280 "certs" DOES NOT include the trust anchor
|
|
//
|
|
// last_cert_trust:
|
|
// Trustedness of |certs.back()|. The trustedness of |certs.back()|
|
|
// MUST BE decided by the caller -- this function takes it purely as
|
|
// an input. Moreover, the CertificateTrust can be used to specify
|
|
// trust anchor constraints.
|
|
//
|
|
// This combined with |certs.back()| (the root certificate) fills a
|
|
// similar role to "trust anchor information" defined in RFC 5280
|
|
// section 6.1.1.d.
|
|
//
|
|
// delegate:
|
|
// |delegate| must be non-null. It is used to answer policy questions such
|
|
// as whether a signature algorithm is acceptable, or a public key is strong
|
|
// enough.
|
|
//
|
|
// time:
|
|
// The UTC time to use for expiration checks. This is equivalent to
|
|
// the input from RFC 5280 section 6.1.1:
|
|
//
|
|
// (b) the current date/time.
|
|
//
|
|
// required_key_purpose:
|
|
// The key purpose that the target certificate needs to be valid for.
|
|
//
|
|
// user_initial_policy_set:
|
|
// This is equivalent to the same named input in RFC 5280 section
|
|
// 6.1.1:
|
|
//
|
|
// (c) user-initial-policy-set: A set of certificate policy
|
|
// identifiers naming the policies that are acceptable to the
|
|
// certificate user. The user-initial-policy-set contains the
|
|
// special value any-policy if the user is not concerned about
|
|
// certificate policy.
|
|
//
|
|
// initial_policy_mapping_inhibit:
|
|
// This is equivalent to the same named input in RFC 5280 section
|
|
// 6.1.1:
|
|
//
|
|
// (e) initial-policy-mapping-inhibit, which indicates if policy
|
|
// mapping is allowed in the certification path.
|
|
//
|
|
// initial_explicit_policy:
|
|
// This is equivalent to the same named input in RFC 5280 section
|
|
// 6.1.1:
|
|
//
|
|
// (f) initial-explicit-policy, which indicates if the path must be
|
|
// valid for at least one of the certificate policies in the
|
|
// user-initial-policy-set.
|
|
//
|
|
// initial_any_policy_inhibit:
|
|
// This is equivalent to the same named input in RFC 5280 section
|
|
// 6.1.1:
|
|
//
|
|
// (g) initial-any-policy-inhibit, which indicates whether the
|
|
// anyPolicy OID should be processed if it is included in a
|
|
// certificate.
|
|
//
|
|
// ---------
|
|
// Outputs
|
|
// ---------
|
|
//
|
|
// user_constrained_policy_set:
|
|
// Can be null. If non-null, |user_constrained_policy_set| will be filled
|
|
// with the matching policies (intersected with user_initial_policy_set).
|
|
// This is equivalent to the same named output in X.509 section 10.2.
|
|
// Note that it is OK for this to point to input user_initial_policy_set.
|
|
//
|
|
// errors:
|
|
// Must be non-null. The set of errors/warnings encountered while
|
|
// validating the path are appended to this structure. If verification
|
|
// failed, then there is guaranteed to be at least 1 high severity error
|
|
// written to |errors|.
|
|
//
|
|
// -------------------------
|
|
// Trust Anchor constraints
|
|
// -------------------------
|
|
//
|
|
// Conceptually, VerifyCertificateChain() sets RFC 5937's
|
|
// "enforceTrustAnchorConstraints" to true.
|
|
//
|
|
// One specifies trust anchor constraints using the |last_cert_trust|
|
|
// parameter in conjunction with extensions appearing in |certs.back()|.
|
|
//
|
|
// The trust anchor |certs.back()| is always passed as a certificate to
|
|
// this function, however the manner in which that certificate is
|
|
// interpreted depends on |last_cert_trust|:
|
|
//
|
|
// TRUSTED_ANCHOR:
|
|
//
|
|
// No properties from the root certificate, other than its Subject and
|
|
// SPKI, are checked during verification. This is the usual
|
|
// interpretation for a "trust anchor".
|
|
//
|
|
// TRUSTED_ANCHOR_WITH_CONSTRAINTS:
|
|
//
|
|
// Only a subset of extensions and properties from the certificate are checked,
|
|
// as described by RFC 5937.
|
|
//
|
|
// * Signature: No
|
|
// * Validity (expiration): No
|
|
// * Key usage: No
|
|
// * Extended key usage: Yes (not part of RFC 5937)
|
|
// * Basic constraints: Yes, but only the pathlen (CA=false is accepted)
|
|
// * Name constraints: Yes
|
|
// * Certificate policies: Not currently, TODO(crbug.com/634453)
|
|
// * Policy Mappings: No
|
|
// * inhibitAnyPolicy: Not currently, TODO(crbug.com/634453)
|
|
// * PolicyConstraints: Not currently, TODO(crbug.com/634452)
|
|
//
|
|
// The presence of any other unrecognized extension marked as critical fails
|
|
// validation.
|
|
NET_EXPORT void VerifyCertificateChain(
|
|
const ParsedCertificateList& certs,
|
|
const CertificateTrust& last_cert_trust,
|
|
VerifyCertificateChainDelegate* delegate,
|
|
const der::GeneralizedTime& time,
|
|
KeyPurpose required_key_purpose,
|
|
InitialExplicitPolicy initial_explicit_policy,
|
|
const std::set<der::Input>& user_initial_policy_set,
|
|
InitialPolicyMappingInhibit initial_policy_mapping_inhibit,
|
|
InitialAnyPolicyInhibit initial_any_policy_inhibit,
|
|
std::set<der::Input>* user_constrained_policy_set,
|
|
CertPathErrors* errors);
|
|
|
|
} // namespace net
|
|
|
|
#endif // NET_CERT_INTERNAL_VERIFY_CERTIFICATE_CHAIN_H_
|