[gecko.git] / security / certverifier / NSSCertDBTrustDomain.h
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7 #ifndef NSSCertDBTrustDomain_h
8 #define NSSCertDBTrustDomain_h
10 #include "CertVerifier.h"
11 #include "ScopedNSSTypes.h"
12 #include "mozilla/BasePrincipal.h"
13 #include "mozilla/TimeStamp.h"
14 #ifdef MOZ_NEW_CERT_STORAGE
15 # include "nsICertStorage.h"
16 #else
17 # include "nsICertBlocklist.h"
18 #endif
19 #include "nsString.h"
20 #include "mozpkix/pkixtypes.h"
21 #include "secmodt.h"
23 namespace mozilla {
24 namespace psm {
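// Validity-checking mode held by NSSCertDBTrustDomain (mValidityCheckingMode).
// NOTE(review): the enumerator names suggest the check is either disabled or
// applied when verifying for EV; the code that consumes the mode is not in
// this header - confirm against CheckValidityIsAcceptable's definition.
enum class ValidityCheckingMode {
  CheckingOff = 0,
  CheckForEV = 1,
};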
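// Database configuration passed to InitializeNSS (nssDbConfig parameter).
// NOTE(review): presumably selects whether the NSS databases are opened
// read-write or read-only; the definition is not in this header - confirm.
enum class NSSDBConfig {
  ReadWrite = 0,
  ReadOnly = 1,
};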
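// PKCS#11 module configuration passed to InitializeNSS (pkcs11DbConfig
// parameter).
// NOTE(review): presumably controls whether PKCS#11 modules registered in the
// module database are loaded at initialization. Loading a module means running
// its code in this process, so DoNotLoadModules is the conservative choice
// where third-party modules are not needed - confirm against the definition.
enum class PKCS11DBConfig {
  DoNotLoadModules = 0,
  LoadModules = 1,
};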
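// Policy options for matching id-Netscape-stepUp with id-kp-serverAuth (for CA
// certificates only):
// * Always match: the step-up OID is considered equivalent to serverAuth
// * Match before 23 August 2016: the OID is considered equivalent if the
//   certificate's notBefore is before 23 August 2016
// * Match before 23 August 2015: similarly, but for 23 August 2015
// * Never match: the OID is never considered equivalent to serverAuth
//
// The numeric values are fixed explicitly and the underlying type is uint32_t.
// NOTE(review): presumably because the value is read from a preference or
// other integer source; keep the numbering stable - confirm at the call sites.
enum class NetscapeStepUpPolicy : uint32_t {
  AlwaysMatch = 0,
  MatchBefore23August2016 = 1,
  MatchBefore23August2015 = 2,
  NeverMatch = 3,
};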
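/**
 * Initializes NSS. Declaration only; the definition is not in this header.
 *
 * @param dir
 *        Directory argument for initialization.
 *        NOTE(review): presumably the directory holding the NSS databases -
 *        confirm against the definition.
 * @param nssDbConfig
 *        Requested database configuration (ReadWrite or ReadOnly).
 * @param pkcs11DbConfig
 *        Whether PKCS#11 modules are to be loaded (LoadModules) or not
 *        (DoNotLoadModules).
 * @return An NSS SECStatus; callers must check it rather than assume that
 *         initialization succeeded.
 */
SECStatus InitializeNSS(const nsACString& dir, NSSDBConfig nssDbConfig,
                        PKCS11DBConfig pkcs11DbConfig);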
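// Declaration only; the definition is not in this header.
// NOTE(review): by its name this disables MD5-based algorithms in NSS; which
// uses (signatures, certificate hashes, TLS) are covered must be confirmed
// against the definition.
void DisableMD5();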
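/**
 * Loads root certificates from a module.
 *
 * @param dir
 *        The path to the directory containing the NSS builtin roots module.
 *        Usually the same as the path to the other NSS shared libraries.
 *        If empty, the (library) path will be searched.
 *        NOTE(review): with an empty dir the module that supplies the trust
 *        anchors is resolved through the library search path, so the roots
 *        that end up trusted depend on that path. Prefer passing the explicit
 *        directory where it is known.
 * @return true if the roots were successfully loaded, false otherwise.
 *         Callers must check the result; the behaviour of later verification
 *         when loading failed is not specified in this header.
 */
bool LoadLoadableRoots(const nsCString& dir);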
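/**
 * Loads the OS client certs module.
 *
 * @param dir
 *        The path to the directory containing the module. This should be the
 *        same as where all of the other gecko libraries live.
 *        NOTE(review): the module's code runs in this process once loaded, so
 *        dir should be an installation directory that is not writable by
 *        untrusted users - whether the definition enforces anything here is
 *        not visible in this header.
 * @return true if the module was successfully loaded, false otherwise.
 */
bool LoadOSClientCertsModule(const nsCString& dir);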
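// Name of the OS client certs module. Declared here, defined elsewhere.
// The pointer itself is not const (only the pointed-to characters are), so
// code must not reassign it.
extern const char* kOSClientCertsModuleName;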
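/**
 * Unloads the loadable roots module and os client certs module, if loaded.
 */
void UnloadUserModules();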
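/**
 * Computes a nickname for the given certificate. Declaration only; the
 * definition is not in this header.
 *
 * @param cert
 *        The certificate to name. NOTE(review): whether nullptr is accepted
 *        is not visible here - confirm against the definition.
 * @param out nickname
 *        Receives the nickname. Its contents on failure are not specified
 *        here, so use it only when the call succeeds.
 * @return An nsresult indicating success or failure.
 */
nsresult DefaultServerNicknameForCert(const CERTCertificate* cert,
                                      /*out*/ nsCString& nickname);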
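#ifdef MOZ_NEW_CERT_STORAGE
/**
 * Build nsTArray<uint8_t>s out of the issuer, serial, subject and public key
 * data from the supplied certificate for use in revocation checks.
 *
 * @param certDER
 *        The Input that references the encoded bytes of the certificate.
 * @param endEntityOrCA
 *        Whether the certificate is an end-entity or CA.
 * @param out issuerBytes
 *        The array to populate with issuer data.
 * @param out serialBytes
 *        The array to populate with serial number data.
 * @param out subjectBytes
 *        The array to populate with subject data.
 * @param out pubKeyBytes
 *        The array to populate with public key data.
 * @return
 *        Result::Success, unless there's a problem decoding the certificate.
 *        NOTE(review): the state of the out arrays on failure is not
 *        specified here; use them for a revocation lookup only after
 *        Result::Success - confirm against the definition.
 */
pkix::Result BuildRevocationCheckArrays(pkix::Input certDER,
                                        pkix::EndEntityOrCA endEntityOrCA,
                                        /*out*/ nsTArray<uint8_t>& issuerBytes,
                                        /*out*/ nsTArray<uint8_t>& serialBytes,
                                        /*out*/ nsTArray<uint8_t>& subjectBytes,
                                        /*out*/ nsTArray<uint8_t>& pubKeyBytes);
#else
/**
 * Build strings of base64 encoded issuer, serial, subject and public key data
 * from the supplied certificate for use in revocation checks.
 *
 * @param certDER
 *        The Input that references the encoded bytes of the certificate.
 * @param endEntityOrCA
 *        Whether the certificate is an end-entity or CA.
 * @param out encIssuer
 *        The string to populate with base64 encoded issuer data.
 * @param out encSerial
 *        The string to populate with base64 encoded serial number data.
 * @param out encSubject
 *        The string to populate with base64 encoded subject data.
 * @param out encPubKey
 *        The string to populate with base64 encoded public key data.
 * @return
 *        Result::Success, unless there's a problem decoding the certificate or
 *        a Base64 encoding problem.
 *        NOTE(review): the state of the out strings on failure is not
 *        specified here; use them for a revocation lookup only after
 *        Result::Success - confirm against the definition.
 */
pkix::Result BuildRevocationCheckStrings(pkix::Input certDER,
                                         pkix::EndEntityOrCA endEntityOrCA,
                                         /*out*/ nsCString& encIssuer,
                                         /*out*/ nsCString& encSerial,
                                         /*out*/ nsCString& encSubject,
                                         /*out*/ nsCString& encPubKey);
#endif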
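// Declaration only; the definition is not in this header.
// NOTE(review): by its name this stores the intermediate certificates found in
// certList; where they are stored, and whether the list is expected to be an
// already-verified chain, must be confirmed against the definition and callers.
void SaveIntermediateCerts(const UniqueCERTCertList& certList);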
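// mozilla::pkix::TrustDomain implementation declared for PSM. It overrides the
// TrustDomain hooks (issuer lookup, trust level, digest/key-size/curve checks,
// signature verification, validity, revocation, chain validation) and
// accumulates the OCSP stapling status and SCT lists seen while a chain is
// built.
//
// Lifetime: several members are references or raw pointers that this class
// does not own (mOCSPCache, mPinArg, mOriginAttributes,
// mThirdPartyRootInputs, mThirdPartyIntermediateInputs, mExtraCertificates,
// mBuiltChain, mHostname). The objects they refer to must outlive the
// NSSCertDBTrustDomain instance. The constructor definition is not in this
// header; presumably each is bound from the constructor argument of the same
// name - confirm there.
class NSSCertDBTrustDomain : public mozilla::pkix::TrustDomain {
 public:
  typedef mozilla::pkix::Result Result;

  // OCSP fetching behaviour selected by the caller.
  // NOTE(review): the names suggest that "SoftFail" tolerates a failed or
  // missing OCSP response while "HardFail" treats it as a verification
  // failure, and that LocalOnlyOCSPForEV performs no network fetch. This enum
  // only names the modes; confirm the semantics in CheckRevocation's
  // definition.
  enum OCSPFetching {
    NeverFetchOCSP = 0,
    FetchOCSPForDVSoftFail = 1,
    FetchOCSPForDVHardFail = 2,
    FetchOCSPForEV = 3,
    LocalOnlyOCSPForEV = 4,
  };

  // Reference and pointer arguments are not owned; see the lifetime note on
  // the class. builtChain is an out parameter, and the three trailing
  // arguments are optional and default to nullptr.
  NSSCertDBTrustDomain(
      SECTrustType certDBTrustType, OCSPFetching ocspFetching,
      OCSPCache& ocspCache, void* pinArg, mozilla::TimeDuration ocspTimeoutSoft,
      mozilla::TimeDuration ocspTimeoutHard, uint32_t certShortLifetimeInDays,
      CertVerifier::PinningMode pinningMode, unsigned int minRSABits,
      ValidityCheckingMode validityCheckingMode,
      CertVerifier::SHA1Mode sha1Mode,
      NetscapeStepUpPolicy netscapeStepUpPolicy,
      DistrustedCAPolicy distrustedCAPolicy, CRLiteMode crliteMode,
      const OriginAttributes& originAttributes,
      const Vector<mozilla::pkix::Input>& thirdPartyRootInputs,
      const Vector<mozilla::pkix::Input>& thirdPartyIntermediateInputs,
      const Maybe<nsTArray<nsTArray<uint8_t>>>& extraCertificates,
      /*out*/ UniqueCERTCertList& builtChain,
      /*optional*/ PinningTelemetryInfo* pinningTelemetryInfo = nullptr,
      /*optional*/ CRLiteTelemetryInfo* crliteTelemetryInfo = nullptr,
      /*optional*/ const char* hostname = nullptr);

  virtual Result FindIssuer(mozilla::pkix::Input encodedIssuerName,
                            IssuerChecker& checker,
                            mozilla::pkix::Time time) override;

  virtual Result GetCertTrust(
      mozilla::pkix::EndEntityOrCA endEntityOrCA,
      const mozilla::pkix::CertPolicyId& policy,
      mozilla::pkix::Input candidateCertDER,
      /*out*/ mozilla::pkix::TrustLevel& trustLevel) override;

  // NOTE(review): presumably applies mSHA1Mode; confirm in the definition.
  virtual Result CheckSignatureDigestAlgorithm(
      mozilla::pkix::DigestAlgorithm digestAlg,
      mozilla::pkix::EndEntityOrCA endEntityOrCA,
      mozilla::pkix::Time notBefore) override;

  // NOTE(review): presumably compares against mMinRSABits; confirm in the
  // definition.
  virtual Result CheckRSAPublicKeyModulusSizeInBits(
      mozilla::pkix::EndEntityOrCA endEntityOrCA,
      unsigned int modulusSizeInBits) override;

  virtual Result VerifyRSAPKCS1SignedDigest(
      const mozilla::pkix::SignedDigest& signedDigest,
      mozilla::pkix::Input subjectPublicKeyInfo) override;

  virtual Result CheckECDSACurveIsAcceptable(
      mozilla::pkix::EndEntityOrCA endEntityOrCA,
      mozilla::pkix::NamedCurve curve) override;

  virtual Result VerifyECDSASignedDigest(
      const mozilla::pkix::SignedDigest& signedDigest,
      mozilla::pkix::Input subjectPublicKeyInfo) override;

  // digestBuf is a caller-provided output buffer of digestBufLen bytes.
  // NOTE(review): the required relation between digestBufLen and the digest
  // size of digestAlg is not stated here - confirm in the definition.
  virtual Result DigestBuf(mozilla::pkix::Input item,
                           mozilla::pkix::DigestAlgorithm digestAlg,
                           /*out*/ uint8_t* digestBuf,
                           size_t digestBufLen) override;

  virtual Result CheckValidityIsAcceptable(
      mozilla::pkix::Time notBefore, mozilla::pkix::Time notAfter,
      mozilla::pkix::EndEntityOrCA endEntityOrCA,
      mozilla::pkix::KeyPurposeId keyPurpose) override;

  // NOTE(review): presumably evaluates mNetscapeStepUpPolicy against
  // notBefore; confirm in the definition.
  virtual Result NetscapeStepUpMatchesServerAuth(
      mozilla::pkix::Time notBefore,
      /*out*/ bool& matches) override;

  // stapledOCSPResponse and aiaExtension are optional and may be null.
  virtual Result CheckRevocation(
      mozilla::pkix::EndEntityOrCA endEntityOrCA,
      const mozilla::pkix::CertID& certID, mozilla::pkix::Time time,
      mozilla::pkix::Time validityPeriodBeginning,
      mozilla::pkix::Duration validityDuration,
      /*optional*/ const mozilla::pkix::Input* stapledOCSPResponse,
      /*optional*/ const mozilla::pkix::Input* aiaExtension) override;

  virtual Result IsChainValid(
      const mozilla::pkix::DERArray& certChain, mozilla::pkix::Time time,
      const mozilla::pkix::CertPolicyId& requiredPolicy) override;

  virtual void NoteAuxiliaryExtension(
      mozilla::pkix::AuxiliaryExtension extension,
      mozilla::pkix::Input extensionData) override;

  // Resets the OCSP stapling status and SCT lists accumulated during
  // the chain building.
  void ResetAccumulatedState();

  // Returns the stapling status recorded in mOCSPStaplingStatus.
  CertVerifier::OCSPStaplingStatus GetOCSPStaplingStatus() const {
    return mOCSPStaplingStatus;
  }

  // SCT lists (see Certificate Transparency) extracted during
  // certificate verification. Note that the returned Inputs are invalidated
  // the next time a chain is built and by ResetAccumulatedState method
  // (and when the TrustDomain object is destroyed).
  // Copy the bytes out if they are needed beyond that point.
  mozilla::pkix::Input GetSCTListFromCertificate() const;
  mozilla::pkix::Input GetSCTListFromOCSPStapling() const;

  // NOTE(review): presumably reports mSawDistrustedCAByPolicyError; confirm
  // in the definition.
  bool GetIsErrorDueToDistrustedCAPolicy() const;

 private:
  // Where an encoded OCSP response came from.
  enum EncodedResponseSource {
    ResponseIsFromNetwork = 1,
    ResponseWasStapled = 2
  };
  Result VerifyAndMaybeCacheEncodedOCSPResponse(
      const mozilla::pkix::CertID& certID, mozilla::pkix::Time time,
      uint16_t maxLifetimeInDays, mozilla::pkix::Input encodedResponse,
      EncodedResponseSource responseSource, /*out*/ bool& expired);
  TimeDuration GetOCSPTimeout() const;

  Result SynchronousCheckRevocationWithServer(
      const mozilla::pkix::CertID& certID, const nsCString& aiaLocation,
      mozilla::pkix::Time time, uint16_t maxOCSPLifetimeInDays,
      const Result cachedResponseResult, const Result stapledOCSPResponseResult,
      const Maybe<TimeDuration>& crliteLookupDuration);
  Result HandleOCSPFailure(const Result cachedResponseResult,
                           const Result stapledOCSPResponseResult,
                           const Result error);

  const SECTrustType mCertDBTrustType;
  const OCSPFetching mOCSPFetching;
  OCSPCache& mOCSPCache;  // non-owning!
  void* mPinArg;          // non-owning!
  const mozilla::TimeDuration mOCSPTimeoutSoft;
  const mozilla::TimeDuration mOCSPTimeoutHard;
  const uint32_t mCertShortLifetimeInDays;
  CertVerifier::PinningMode mPinningMode;
  const unsigned int mMinRSABits;
  ValidityCheckingMode mValidityCheckingMode;
  CertVerifier::SHA1Mode mSHA1Mode;
  NetscapeStepUpPolicy mNetscapeStepUpPolicy;
  DistrustedCAPolicy mDistrustedCAPolicy;
  CRLiteMode mCRLiteMode;
  bool mSawDistrustedCAByPolicyError;
  // Reference member: refers to an object owned elsewhere.
  const OriginAttributes& mOriginAttributes;
  const Vector<mozilla::pkix::Input>& mThirdPartyRootInputs;  // non-owning
  const Vector<mozilla::pkix::Input>&
      mThirdPartyIntermediateInputs;                             // non-owning
  const Maybe<nsTArray<nsTArray<uint8_t>>>& mExtraCertificates;  // non-owning
  UniqueCERTCertList& mBuiltChain;                               // non-owning
  // Raw pointers; the matching constructor arguments are optional and default
  // to nullptr, so presumably these may be null - confirm in the definition.
  PinningTelemetryInfo* mPinningTelemetryInfo;
  CRLiteTelemetryInfo* mCRLiteTelemetryInfo;
  const char* mHostname;  // non-owning - only used for pinning checks
#ifdef MOZ_NEW_CERT_STORAGE
  nsCOMPtr<nsICertStorage> mCertStorage;
#else
  nsCOMPtr<nsICertBlocklist> mCertBlocklist;
#endif
  CertVerifier::OCSPStaplingStatus mOCSPStaplingStatus;
  // Certificate Transparency data extracted during certificate verification
  UniqueSECItem mSCTListFromCertificate;
  UniqueSECItem mSCTListFromOCSPStapling;

  // The built-in roots module, if available.
  UniqueSECMODModule mBuiltInRootsModule;
};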
315 } // namespace psm
316 } // namespace mozilla
318 #endif // NSSCertDBTrustDomain_h