1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "net/cert/cert_verify_proc.h" 6 7#include <vector> 8 9#include "base/callback_helpers.h" 10#include "base/files/file_path.h" 11#include "base/files/file_util.h" 12#include "base/logging.h" 13#include "base/sha1.h" 14#include "base/strings/string_number_conversions.h" 15#include "crypto/sha2.h" 16#include "net/base/net_errors.h" 17#include "net/base/test_data_directory.h" 18#include "net/cert/asn1_util.h" 19#include "net/cert/cert_status_flags.h" 20#include "net/cert/cert_verifier.h" 21#include "net/cert/cert_verify_result.h" 22#include "net/cert/crl_set.h" 23#include "net/cert/crl_set_storage.h" 24#include "net/cert/test_root_certs.h" 25#include "net/cert/x509_certificate.h" 26#include "net/test/cert_test_util.h" 27#include "net/test/test_certificate_data.h" 28#include "testing/gtest/include/gtest/gtest.h" 29 30#if defined(OS_WIN) 31#include "base/win/windows_version.h" 32#elif defined(OS_MACOSX) && !defined(OS_IOS) 33#include "base/mac/mac_util.h" 34#elif defined(OS_ANDROID) 35#include "base/android/build_info.h" 36#endif 37 38using base::HexEncode; 39 40namespace net { 41 42namespace { 43 44// A certificate for www.paypal.com with a NULL byte in the common name. 45// From http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/70363 46unsigned char paypal_null_fingerprint[] = { 47 0x4c, 0x88, 0x9e, 0x28, 0xd7, 0x7a, 0x44, 0x1e, 0x13, 0xf2, 0x6a, 0xba, 48 0x1f, 0xe8, 0x1b, 0xd6, 0xab, 0x7b, 0xe8, 0xd7 49}; 50 51// Mock CertVerifyProc that will set |verify_result->is_issued_by_known_root| 52// for all certificates that are Verified. 53class WellKnownCaCertVerifyProc : public CertVerifyProc { 54 public: 55 // Initialize a CertVerifyProc that will set 56 // |verify_result->is_issued_by_known_root| to |is_well_known|. 57 explicit WellKnownCaCertVerifyProc(bool is_well_known) 58 : is_well_known_(is_well_known) {} 59 60 // CertVerifyProc implementation: 61 virtual bool SupportsAdditionalTrustAnchors() const OVERRIDE { return false; } 62 63 protected: 64 virtual ~WellKnownCaCertVerifyProc() {} 65 66 private: 67 virtual int VerifyInternal(X509Certificate* cert, 68 const std::string& hostname, 69 int flags, 70 CRLSet* crl_set, 71 const CertificateList& additional_trust_anchors, 72 CertVerifyResult* verify_result) OVERRIDE; 73 74 const bool is_well_known_; 75 76 DISALLOW_COPY_AND_ASSIGN(WellKnownCaCertVerifyProc); 77}; 78 79int WellKnownCaCertVerifyProc::VerifyInternal( 80 X509Certificate* cert, 81 const std::string& hostname, 82 int flags, 83 CRLSet* crl_set, 84 const CertificateList& additional_trust_anchors, 85 CertVerifyResult* verify_result) { 86 verify_result->is_issued_by_known_root = is_well_known_; 87 return OK; 88} 89 90bool SupportsReturningVerifiedChain() { 91#if defined(OS_ANDROID) 92 // Before API level 17, Android does not expose the APIs necessary to get at 93 // the verified certificate chain. 94 if (base::android::BuildInfo::GetInstance()->sdk_int() < 17) 95 return false; 96#endif 97 return true; 98} 99 100bool SupportsDetectingKnownRoots() { 101#if defined(OS_ANDROID) 102 // Before API level 17, Android does not expose the APIs necessary to get at 103 // the verified certificate chain and detect known roots. 104 if (base::android::BuildInfo::GetInstance()->sdk_int() < 17) 105 return false; 106#endif 107 return true; 108} 109 110} // namespace 111 112class CertVerifyProcTest : public testing::Test { 113 public: 114 CertVerifyProcTest() 115 : verify_proc_(CertVerifyProc::CreateDefault()) { 116 } 117 virtual ~CertVerifyProcTest() {} 118 119 protected: 120 bool SupportsAdditionalTrustAnchors() { 121 return verify_proc_->SupportsAdditionalTrustAnchors(); 122 } 123 124 int Verify(X509Certificate* cert, 125 const std::string& hostname, 126 int flags, 127 CRLSet* crl_set, 128 const CertificateList& additional_trust_anchors, 129 CertVerifyResult* verify_result) { 130 return verify_proc_->Verify(cert, hostname, flags, crl_set, 131 additional_trust_anchors, verify_result); 132 } 133 134 const CertificateList empty_cert_list_; 135 scoped_refptr<CertVerifyProc> verify_proc_; 136}; 137 138TEST_F(CertVerifyProcTest, DISABLED_WithoutRevocationChecking) { 139 // Check that verification without revocation checking works. 140 CertificateList certs = CreateCertificateListFromFile( 141 GetTestCertsDirectory(), 142 "googlenew.chain.pem", 143 X509Certificate::FORMAT_PEM_CERT_SEQUENCE); 144 145 X509Certificate::OSCertHandles intermediates; 146 intermediates.push_back(certs[1]->os_cert_handle()); 147 148 scoped_refptr<X509Certificate> google_full_chain = 149 X509Certificate::CreateFromHandle(certs[0]->os_cert_handle(), 150 intermediates); 151 152 CertVerifyResult verify_result; 153 EXPECT_EQ(OK, 154 Verify(google_full_chain.get(), 155 "www.google.com", 156 0 /* flags */, 157 NULL, 158 empty_cert_list_, 159 &verify_result)); 160} 161 162#if defined(OS_ANDROID) || defined(USE_OPENSSL_CERTS) 163// TODO(jnd): http://crbug.com/117478 - EV verification is not yet supported. 164#define MAYBE_EVVerification DISABLED_EVVerification 165#else 166#define MAYBE_EVVerification EVVerification 167#endif 168TEST_F(CertVerifyProcTest, MAYBE_EVVerification) { 169 CertificateList certs = CreateCertificateListFromFile( 170 GetTestCertsDirectory(), 171 "comodo.chain.pem", 172 X509Certificate::FORMAT_PEM_CERT_SEQUENCE); 173 ASSERT_EQ(3U, certs.size()); 174 175 X509Certificate::OSCertHandles intermediates; 176 intermediates.push_back(certs[1]->os_cert_handle()); 177 intermediates.push_back(certs[2]->os_cert_handle()); 178 179 scoped_refptr<X509Certificate> comodo_chain = 180 X509Certificate::CreateFromHandle(certs[0]->os_cert_handle(), 181 intermediates); 182 183 scoped_refptr<CRLSet> crl_set(CRLSet::ForTesting(false, NULL, "")); 184 CertVerifyResult verify_result; 185 int flags = CertVerifier::VERIFY_EV_CERT; 186 int error = Verify(comodo_chain.get(), 187 "comodo.com", 188 flags, 189 crl_set.get(), 190 empty_cert_list_, 191 &verify_result); 192 EXPECT_EQ(OK, error); 193 EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_IS_EV); 194} 195 196TEST_F(CertVerifyProcTest, PaypalNullCertParsing) { 197 scoped_refptr<X509Certificate> paypal_null_cert( 198 X509Certificate::CreateFromBytes( 199 reinterpret_cast<const char*>(paypal_null_der), 200 sizeof(paypal_null_der))); 201 202 ASSERT_NE(static_cast<X509Certificate*>(NULL), paypal_null_cert.get()); 203 204 const SHA1HashValue& fingerprint = 205 paypal_null_cert->fingerprint(); 206 for (size_t i = 0; i < 20; ++i) 207 EXPECT_EQ(paypal_null_fingerprint[i], fingerprint.data[i]); 208 209 int flags = 0; 210 CertVerifyResult verify_result; 211 int error = Verify(paypal_null_cert.get(), 212 "www.paypal.com", 213 flags, 214 NULL, 215 empty_cert_list_, 216 &verify_result); 217#if defined(USE_NSS) || defined(OS_IOS) || defined(OS_ANDROID) 218 EXPECT_EQ(ERR_CERT_COMMON_NAME_INVALID, error); 219#else 220 // TOOD(bulach): investigate why macosx and win aren't returning 221 // ERR_CERT_INVALID or ERR_CERT_COMMON_NAME_INVALID. 222 EXPECT_EQ(ERR_CERT_AUTHORITY_INVALID, error); 223#endif 224 // Either the system crypto library should correctly report a certificate 225 // name mismatch, or our certificate blacklist should cause us to report an 226 // invalid certificate. 227#if defined(USE_NSS) || defined(OS_WIN) || defined(OS_IOS) 228 EXPECT_TRUE(verify_result.cert_status & 229 (CERT_STATUS_COMMON_NAME_INVALID | CERT_STATUS_INVALID)); 230#endif 231} 232 233// A regression test for http://crbug.com/31497. 234#if defined(OS_ANDROID) 235// Disabled on Android, as the Android verification libraries require an 236// explicit policy to be specified, even when anyPolicy is permitted. 237#define MAYBE_IntermediateCARequireExplicitPolicy \ 238 DISABLED_IntermediateCARequireExplicitPolicy 239#else 240#define MAYBE_IntermediateCARequireExplicitPolicy \ 241 IntermediateCARequireExplicitPolicy 242#endif 243TEST_F(CertVerifyProcTest, MAYBE_IntermediateCARequireExplicitPolicy) { 244 base::FilePath certs_dir = GetTestCertsDirectory(); 245 246 CertificateList certs = CreateCertificateListFromFile( 247 certs_dir, "explicit-policy-chain.pem", 248 X509Certificate::FORMAT_AUTO); 249 ASSERT_EQ(3U, certs.size()); 250 251 X509Certificate::OSCertHandles intermediates; 252 intermediates.push_back(certs[1]->os_cert_handle()); 253 254 scoped_refptr<X509Certificate> cert = 255 X509Certificate::CreateFromHandle(certs[0]->os_cert_handle(), 256 intermediates); 257 ASSERT_TRUE(cert.get()); 258 259 ScopedTestRoot scoped_root(certs[2].get()); 260 261 int flags = 0; 262 CertVerifyResult verify_result; 263 int error = Verify(cert.get(), 264 "policy_test.example", 265 flags, 266 NULL, 267 empty_cert_list_, 268 &verify_result); 269 EXPECT_EQ(OK, error); 270 EXPECT_EQ(0u, verify_result.cert_status); 271} 272 273// Test for bug 58437. 274// This certificate will expire on 2011-12-21. The test will still 275// pass if error == ERR_CERT_DATE_INVALID. 276// This test is DISABLED because it appears that we cannot do 277// certificate revocation checking when running all of the net unit tests. 278// This test passes when run individually, but when run with all of the net 279// unit tests, the call to PKIXVerifyCert returns the NSS error -8180, which is 280// SEC_ERROR_REVOKED_CERTIFICATE. This indicates a lack of revocation 281// status, i.e. that the revocation check is failing for some reason. 282TEST_F(CertVerifyProcTest, DISABLED_GlobalSignR3EVTest) { 283 base::FilePath certs_dir = GetTestCertsDirectory(); 284 285 scoped_refptr<X509Certificate> server_cert = 286 ImportCertFromFile(certs_dir, "2029_globalsign_com_cert.pem"); 287 ASSERT_NE(static_cast<X509Certificate*>(NULL), server_cert.get()); 288 289 scoped_refptr<X509Certificate> intermediate_cert = 290 ImportCertFromFile(certs_dir, "globalsign_ev_sha256_ca_cert.pem"); 291 ASSERT_NE(static_cast<X509Certificate*>(NULL), intermediate_cert.get()); 292 293 X509Certificate::OSCertHandles intermediates; 294 intermediates.push_back(intermediate_cert->os_cert_handle()); 295 scoped_refptr<X509Certificate> cert_chain = 296 X509Certificate::CreateFromHandle(server_cert->os_cert_handle(), 297 intermediates); 298 299 CertVerifyResult verify_result; 300 int flags = CertVerifier::VERIFY_REV_CHECKING_ENABLED | 301 CertVerifier::VERIFY_EV_CERT; 302 int error = Verify(cert_chain.get(), 303 "2029.globalsign.com", 304 flags, 305 NULL, 306 empty_cert_list_, 307 &verify_result); 308 if (error == OK) 309 EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_IS_EV); 310 else 311 EXPECT_EQ(ERR_CERT_DATE_INVALID, error); 312} 313 314// Test that verifying an ECDSA certificate doesn't crash on XP. (See 315// crbug.com/144466). 316TEST_F(CertVerifyProcTest, ECDSA_RSA) { 317 base::FilePath certs_dir = GetTestCertsDirectory(); 318 319 scoped_refptr<X509Certificate> cert = 320 ImportCertFromFile(certs_dir, 321 "prime256v1-ecdsa-ee-by-1024-rsa-intermediate.pem"); 322 323 CertVerifyResult verify_result; 324 Verify(cert.get(), "127.0.0.1", 0, NULL, empty_cert_list_, &verify_result); 325 326 // We don't check verify_result because the certificate is signed by an 327 // unknown CA and will be considered invalid on XP because of the ECDSA 328 // public key. 329} 330 331// Currently, only RSA and DSA keys are checked for weakness, and our example 332// weak size is 768. These could change in the future. 333// 334// Note that this means there may be false negatives: keys for other 335// algorithms and which are weak will pass this test. 336static bool IsWeakKeyType(const std::string& key_type) { 337 size_t pos = key_type.find("-"); 338 std::string size = key_type.substr(0, pos); 339 std::string type = key_type.substr(pos + 1); 340 341 if (type == "rsa" || type == "dsa") 342 return size == "768"; 343 344 return false; 345} 346 347TEST_F(CertVerifyProcTest, RejectWeakKeys) { 348 base::FilePath certs_dir = GetTestCertsDirectory(); 349 typedef std::vector<std::string> Strings; 350 Strings key_types; 351 352 // generate-weak-test-chains.sh currently has: 353 // key_types="768-rsa 1024-rsa 2048-rsa prime256v1-ecdsa" 354 // We must use the same key types here. The filenames generated look like: 355 // 2048-rsa-ee-by-768-rsa-intermediate.pem 356 key_types.push_back("768-rsa"); 357 key_types.push_back("1024-rsa"); 358 key_types.push_back("2048-rsa"); 359 360 bool use_ecdsa = true; 361#if defined(OS_WIN) 362 use_ecdsa = base::win::GetVersion() > base::win::VERSION_XP; 363#endif 364 365 if (use_ecdsa) 366 key_types.push_back("prime256v1-ecdsa"); 367 368 // Add the root that signed the intermediates for this test. 369 scoped_refptr<X509Certificate> root_cert = 370 ImportCertFromFile(certs_dir, "2048-rsa-root.pem"); 371 ASSERT_NE(static_cast<X509Certificate*>(NULL), root_cert.get()); 372 ScopedTestRoot scoped_root(root_cert.get()); 373 374 // Now test each chain. 375 for (Strings::const_iterator ee_type = key_types.begin(); 376 ee_type != key_types.end(); ++ee_type) { 377 for (Strings::const_iterator signer_type = key_types.begin(); 378 signer_type != key_types.end(); ++signer_type) { 379 std::string basename = *ee_type + "-ee-by-" + *signer_type + 380 "-intermediate.pem"; 381 SCOPED_TRACE(basename); 382 scoped_refptr<X509Certificate> ee_cert = 383 ImportCertFromFile(certs_dir, basename); 384 ASSERT_NE(static_cast<X509Certificate*>(NULL), ee_cert.get()); 385 386 basename = *signer_type + "-intermediate.pem"; 387 scoped_refptr<X509Certificate> intermediate = 388 ImportCertFromFile(certs_dir, basename); 389 ASSERT_NE(static_cast<X509Certificate*>(NULL), intermediate.get()); 390 391 X509Certificate::OSCertHandles intermediates; 392 intermediates.push_back(intermediate->os_cert_handle()); 393 scoped_refptr<X509Certificate> cert_chain = 394 X509Certificate::CreateFromHandle(ee_cert->os_cert_handle(), 395 intermediates); 396 397 CertVerifyResult verify_result; 398 int error = Verify(cert_chain.get(), 399 "127.0.0.1", 400 0, 401 NULL, 402 empty_cert_list_, 403 &verify_result); 404 405 if (IsWeakKeyType(*ee_type) || IsWeakKeyType(*signer_type)) { 406 EXPECT_NE(OK, error); 407 EXPECT_EQ(CERT_STATUS_WEAK_KEY, 408 verify_result.cert_status & CERT_STATUS_WEAK_KEY); 409 EXPECT_NE(CERT_STATUS_INVALID, 410 verify_result.cert_status & CERT_STATUS_INVALID); 411 } else { 412 EXPECT_EQ(OK, error); 413 EXPECT_EQ(0U, verify_result.cert_status & CERT_STATUS_WEAK_KEY); 414 } 415 } 416 } 417} 418 419// Regression test for http://crbug.com/108514. 420#if defined(OS_MACOSX) && !defined(OS_IOS) 421// Disabled on OS X - Security.framework doesn't ignore superflous certificates 422// provided by servers. See CertVerifyProcTest.CybertrustGTERoot for further 423// details. 424#define MAYBE_ExtraneousMD5RootCert DISABLED_ExtraneousMD5RootCert 425#else 426#define MAYBE_ExtraneousMD5RootCert ExtraneousMD5RootCert 427#endif 428TEST_F(CertVerifyProcTest, MAYBE_ExtraneousMD5RootCert) { 429 if (!SupportsReturningVerifiedChain()) { 430 LOG(INFO) << "Skipping this test in this platform."; 431 return; 432 } 433 434 base::FilePath certs_dir = GetTestCertsDirectory(); 435 436 scoped_refptr<X509Certificate> server_cert = 437 ImportCertFromFile(certs_dir, "cross-signed-leaf.pem"); 438 ASSERT_NE(static_cast<X509Certificate*>(NULL), server_cert.get()); 439 440 scoped_refptr<X509Certificate> extra_cert = 441 ImportCertFromFile(certs_dir, "cross-signed-root-md5.pem"); 442 ASSERT_NE(static_cast<X509Certificate*>(NULL), extra_cert.get()); 443 444 scoped_refptr<X509Certificate> root_cert = 445 ImportCertFromFile(certs_dir, "cross-signed-root-sha1.pem"); 446 ASSERT_NE(static_cast<X509Certificate*>(NULL), root_cert.get()); 447 448 ScopedTestRoot scoped_root(root_cert.get()); 449 450 X509Certificate::OSCertHandles intermediates; 451 intermediates.push_back(extra_cert->os_cert_handle()); 452 scoped_refptr<X509Certificate> cert_chain = 453 X509Certificate::CreateFromHandle(server_cert->os_cert_handle(), 454 intermediates); 455 456 CertVerifyResult verify_result; 457 int flags = 0; 458 int error = Verify(cert_chain.get(), 459 "127.0.0.1", 460 flags, 461 NULL, 462 empty_cert_list_, 463 &verify_result); 464 EXPECT_EQ(OK, error); 465 466 // The extra MD5 root should be discarded 467 ASSERT_TRUE(verify_result.verified_cert.get()); 468 ASSERT_EQ(1u, 469 verify_result.verified_cert->GetIntermediateCertificates().size()); 470 EXPECT_TRUE(X509Certificate::IsSameOSCert( 471 verify_result.verified_cert->GetIntermediateCertificates().front(), 472 root_cert->os_cert_handle())); 473 474 EXPECT_FALSE(verify_result.has_md5); 475} 476 477// Test for bug 94673. 478TEST_F(CertVerifyProcTest, GoogleDigiNotarTest) { 479 base::FilePath certs_dir = GetTestCertsDirectory(); 480 481 scoped_refptr<X509Certificate> server_cert = 482 ImportCertFromFile(certs_dir, "google_diginotar.pem"); 483 ASSERT_NE(static_cast<X509Certificate*>(NULL), server_cert.get()); 484 485 scoped_refptr<X509Certificate> intermediate_cert = 486 ImportCertFromFile(certs_dir, "diginotar_public_ca_2025.pem"); 487 ASSERT_NE(static_cast<X509Certificate*>(NULL), intermediate_cert.get()); 488 489 X509Certificate::OSCertHandles intermediates; 490 intermediates.push_back(intermediate_cert->os_cert_handle()); 491 scoped_refptr<X509Certificate> cert_chain = 492 X509Certificate::CreateFromHandle(server_cert->os_cert_handle(), 493 intermediates); 494 495 CertVerifyResult verify_result; 496 int flags = CertVerifier::VERIFY_REV_CHECKING_ENABLED; 497 int error = Verify(cert_chain.get(), 498 "mail.google.com", 499 flags, 500 NULL, 501 empty_cert_list_, 502 &verify_result); 503 EXPECT_NE(OK, error); 504 505 // Now turn off revocation checking. Certificate verification should still 506 // fail. 507 flags = 0; 508 error = Verify(cert_chain.get(), 509 "mail.google.com", 510 flags, 511 NULL, 512 empty_cert_list_, 513 &verify_result); 514 EXPECT_NE(OK, error); 515} 516 517TEST_F(CertVerifyProcTest, DigiNotarCerts) { 518 static const char* const kDigiNotarFilenames[] = { 519 "diginotar_root_ca.pem", 520 "diginotar_cyber_ca.pem", 521 "diginotar_services_1024_ca.pem", 522 "diginotar_pkioverheid.pem", 523 "diginotar_pkioverheid_g2.pem", 524 NULL, 525 }; 526 527 base::FilePath certs_dir = GetTestCertsDirectory(); 528 529 for (size_t i = 0; kDigiNotarFilenames[i]; i++) { 530 scoped_refptr<X509Certificate> diginotar_cert = 531 ImportCertFromFile(certs_dir, kDigiNotarFilenames[i]); 532 std::string der_bytes; 533 ASSERT_TRUE(X509Certificate::GetDEREncoded( 534 diginotar_cert->os_cert_handle(), &der_bytes)); 535 536 base::StringPiece spki; 537 ASSERT_TRUE(asn1::ExtractSPKIFromDERCert(der_bytes, &spki)); 538 539 std::string spki_sha1 = base::SHA1HashString(spki.as_string()); 540 541 HashValueVector public_keys; 542 HashValue hash(HASH_VALUE_SHA1); 543 ASSERT_EQ(hash.size(), spki_sha1.size()); 544 memcpy(hash.data(), spki_sha1.data(), spki_sha1.size()); 545 public_keys.push_back(hash); 546 547 EXPECT_TRUE(CertVerifyProc::IsPublicKeyBlacklisted(public_keys)) << 548 "Public key not blocked for " << kDigiNotarFilenames[i]; 549 } 550} 551 552TEST_F(CertVerifyProcTest, NameConstraintsOk) { 553 CertificateList ca_cert_list = 554 CreateCertificateListFromFile(GetTestCertsDirectory(), 555 "root_ca_cert.pem", 556 X509Certificate::FORMAT_AUTO); 557 ASSERT_EQ(1U, ca_cert_list.size()); 558 ScopedTestRoot test_root(ca_cert_list[0].get()); 559 560 CertificateList cert_list = CreateCertificateListFromFile( 561 GetTestCertsDirectory(), "name_constraint_good.pem", 562 X509Certificate::FORMAT_AUTO); 563 ASSERT_EQ(1U, cert_list.size()); 564 565 X509Certificate::OSCertHandles intermediates; 566 scoped_refptr<X509Certificate> leaf = 567 X509Certificate::CreateFromHandle(cert_list[0]->os_cert_handle(), 568 intermediates); 569 570 int flags = 0; 571 CertVerifyResult verify_result; 572 int error = Verify(leaf.get(), 573 "test.example.com", 574 flags, 575 NULL, 576 empty_cert_list_, 577 &verify_result); 578 EXPECT_EQ(OK, error); 579 EXPECT_EQ(0U, verify_result.cert_status); 580} 581 582TEST_F(CertVerifyProcTest, NameConstraintsFailure) { 583 if (!SupportsReturningVerifiedChain()) { 584 LOG(INFO) << "Skipping this test in this platform."; 585 return; 586 } 587 588 CertificateList ca_cert_list = 589 CreateCertificateListFromFile(GetTestCertsDirectory(), 590 "root_ca_cert.pem", 591 X509Certificate::FORMAT_AUTO); 592 ASSERT_EQ(1U, ca_cert_list.size()); 593 ScopedTestRoot test_root(ca_cert_list[0].get()); 594 595 CertificateList cert_list = CreateCertificateListFromFile( 596 GetTestCertsDirectory(), "name_constraint_bad.pem", 597 X509Certificate::FORMAT_AUTO); 598 ASSERT_EQ(1U, cert_list.size()); 599 600 X509Certificate::OSCertHandles intermediates; 601 scoped_refptr<X509Certificate> leaf = 602 X509Certificate::CreateFromHandle(cert_list[0]->os_cert_handle(), 603 intermediates); 604 605 int flags = 0; 606 CertVerifyResult verify_result; 607 int error = Verify(leaf.get(), 608 "test.example.com", 609 flags, 610 NULL, 611 empty_cert_list_, 612 &verify_result); 613 EXPECT_EQ(ERR_CERT_NAME_CONSTRAINT_VIOLATION, error); 614 EXPECT_EQ(CERT_STATUS_NAME_CONSTRAINT_VIOLATION, 615 verify_result.cert_status & CERT_STATUS_NAME_CONSTRAINT_VIOLATION); 616} 617 618TEST_F(CertVerifyProcTest, TestKnownRoot) { 619 if (!SupportsDetectingKnownRoots()) { 620 LOG(INFO) << "Skipping this test in this platform."; 621 return; 622 } 623 624 base::FilePath certs_dir = GetTestCertsDirectory(); 625 CertificateList certs = CreateCertificateListFromFile( 626 certs_dir, "satveda.pem", X509Certificate::FORMAT_AUTO); 627 ASSERT_EQ(2U, certs.size()); 628 629 X509Certificate::OSCertHandles intermediates; 630 intermediates.push_back(certs[1]->os_cert_handle()); 631 632 scoped_refptr<X509Certificate> cert_chain = 633 X509Certificate::CreateFromHandle(certs[0]->os_cert_handle(), 634 intermediates); 635 636 int flags = 0; 637 CertVerifyResult verify_result; 638 // This will blow up, May 24th, 2019. Sorry! Please disable and file a bug 639 // against agl. See also PublicKeyHashes. 640 int error = Verify(cert_chain.get(), 641 "satveda.com", 642 flags, 643 NULL, 644 empty_cert_list_, 645 &verify_result); 646 EXPECT_EQ(OK, error); 647 EXPECT_EQ(CERT_STATUS_SHA1_SIGNATURE_PRESENT, verify_result.cert_status); 648 EXPECT_TRUE(verify_result.is_issued_by_known_root); 649} 650 651// The certse.pem certificate has been revoked. crbug.com/259723. 652TEST_F(CertVerifyProcTest, PublicKeyHashes) { 653 if (!SupportsReturningVerifiedChain()) { 654 LOG(INFO) << "Skipping this test in this platform."; 655 return; 656 } 657 658 base::FilePath certs_dir = GetTestCertsDirectory(); 659 CertificateList certs = CreateCertificateListFromFile( 660 certs_dir, "satveda.pem", X509Certificate::FORMAT_AUTO); 661 ASSERT_EQ(2U, certs.size()); 662 663 X509Certificate::OSCertHandles intermediates; 664 intermediates.push_back(certs[1]->os_cert_handle()); 665 666 scoped_refptr<X509Certificate> cert_chain = 667 X509Certificate::CreateFromHandle(certs[0]->os_cert_handle(), 668 intermediates); 669 int flags = 0; 670 CertVerifyResult verify_result; 671 672 // This will blow up, May 24th, 2019. Sorry! Please disable and file a bug 673 // against agl. See also TestKnownRoot. 674 int error = Verify(cert_chain.get(), 675 "satveda.com", 676 flags, 677 NULL, 678 empty_cert_list_, 679 &verify_result); 680 EXPECT_EQ(OK, error); 681 EXPECT_EQ(CERT_STATUS_SHA1_SIGNATURE_PRESENT, verify_result.cert_status); 682 ASSERT_LE(2U, verify_result.public_key_hashes.size()); 683 684 HashValueVector sha1_hashes; 685 for (size_t i = 0; i < verify_result.public_key_hashes.size(); ++i) { 686 if (verify_result.public_key_hashes[i].tag != HASH_VALUE_SHA1) 687 continue; 688 sha1_hashes.push_back(verify_result.public_key_hashes[i]); 689 } 690 ASSERT_LE(2u, sha1_hashes.size()); 691 692 for (size_t i = 0; i < 2; ++i) { 693 EXPECT_EQ(HexEncode(kSatvedaSPKIs[i], base::kSHA1Length), 694 HexEncode(sha1_hashes[i].data(), base::kSHA1Length)); 695 } 696 697 HashValueVector sha256_hashes; 698 for (size_t i = 0; i < verify_result.public_key_hashes.size(); ++i) { 699 if (verify_result.public_key_hashes[i].tag != HASH_VALUE_SHA256) 700 continue; 701 sha256_hashes.push_back(verify_result.public_key_hashes[i]); 702 } 703 ASSERT_LE(2u, sha256_hashes.size()); 704 705 for (size_t i = 0; i < 2; ++i) { 706 EXPECT_EQ(HexEncode(kSatvedaSPKIsSHA256[i], crypto::kSHA256Length), 707 HexEncode(sha256_hashes[i].data(), crypto::kSHA256Length)); 708 } 709} 710 711// A regression test for http://crbug.com/70293. 712// The Key Usage extension in this RSA SSL server certificate does not have 713// the keyEncipherment bit. 714TEST_F(CertVerifyProcTest, InvalidKeyUsage) { 715 base::FilePath certs_dir = GetTestCertsDirectory(); 716 717 scoped_refptr<X509Certificate> server_cert = 718 ImportCertFromFile(certs_dir, "invalid_key_usage_cert.der"); 719 ASSERT_NE(static_cast<X509Certificate*>(NULL), server_cert.get()); 720 721 int flags = 0; 722 CertVerifyResult verify_result; 723 int error = Verify(server_cert.get(), 724 "jira.aquameta.com", 725 flags, 726 NULL, 727 empty_cert_list_, 728 &verify_result); 729#if defined(USE_OPENSSL_CERTS) && !defined(OS_ANDROID) 730 // This certificate has two errors: "invalid key usage" and "untrusted CA". 731 // However, OpenSSL returns only one (the latter), and we can't detect 732 // the other errors. 733 EXPECT_EQ(ERR_CERT_AUTHORITY_INVALID, error); 734#else 735 EXPECT_EQ(ERR_CERT_INVALID, error); 736 EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_INVALID); 737#endif 738 // TODO(wtc): fix http://crbug.com/75520 to get all the certificate errors 739 // from NSS. 740#if !defined(USE_NSS) && !defined(OS_IOS) && !defined(OS_ANDROID) 741 // The certificate is issued by an unknown CA. 742 EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_AUTHORITY_INVALID); 743#endif 744} 745 746// Basic test for returning the chain in CertVerifyResult. Note that the 747// returned chain may just be a reflection of the originally supplied chain; 748// that is, if any errors occur, the default chain returned is an exact copy 749// of the certificate to be verified. The remaining VerifyReturn* tests are 750// used to ensure that the actual, verified chain is being returned by 751// Verify(). 752TEST_F(CertVerifyProcTest, VerifyReturnChainBasic) { 753 if (!SupportsReturningVerifiedChain()) { 754 LOG(INFO) << "Skipping this test in this platform."; 755 return; 756 } 757 758 base::FilePath certs_dir = GetTestCertsDirectory(); 759 CertificateList certs = CreateCertificateListFromFile( 760 certs_dir, "x509_verify_results.chain.pem", 761 X509Certificate::FORMAT_AUTO); 762 ASSERT_EQ(3U, certs.size()); 763 764 X509Certificate::OSCertHandles intermediates; 765 intermediates.push_back(certs[1]->os_cert_handle()); 766 intermediates.push_back(certs[2]->os_cert_handle()); 767 768 ScopedTestRoot scoped_root(certs[2].get()); 769 770 scoped_refptr<X509Certificate> google_full_chain = 771 X509Certificate::CreateFromHandle(certs[0]->os_cert_handle(), 772 intermediates); 773 ASSERT_NE(static_cast<X509Certificate*>(NULL), google_full_chain.get()); 774 ASSERT_EQ(2U, google_full_chain->GetIntermediateCertificates().size()); 775 776 CertVerifyResult verify_result; 777 EXPECT_EQ(static_cast<X509Certificate*>(NULL), 778 verify_result.verified_cert.get()); 779 int error = Verify(google_full_chain.get(), 780 "127.0.0.1", 781 0, 782 NULL, 783 empty_cert_list_, 784 &verify_result); 785 EXPECT_EQ(OK, error); 786 ASSERT_NE(static_cast<X509Certificate*>(NULL), 787 verify_result.verified_cert.get()); 788 789 EXPECT_NE(google_full_chain, verify_result.verified_cert); 790 EXPECT_TRUE(X509Certificate::IsSameOSCert( 791 google_full_chain->os_cert_handle(), 792 verify_result.verified_cert->os_cert_handle())); 793 const X509Certificate::OSCertHandles& return_intermediates = 794 verify_result.verified_cert->GetIntermediateCertificates(); 795 ASSERT_EQ(2U, return_intermediates.size()); 796 EXPECT_TRUE(X509Certificate::IsSameOSCert(return_intermediates[0], 797 certs[1]->os_cert_handle())); 798 EXPECT_TRUE(X509Certificate::IsSameOSCert(return_intermediates[1], 799 certs[2]->os_cert_handle())); 800} 801 802// Test that certificates issued for 'intranet' names (that is, containing no 803// known public registry controlled domain information) issued by well-known 804// CAs are flagged appropriately, while certificates that are issued by 805// internal CAs are not flagged. 806TEST_F(CertVerifyProcTest, IntranetHostsRejected) { 807 if (!SupportsDetectingKnownRoots()) { 808 LOG(INFO) << "Skipping this test in this platform."; 809 return; 810 } 811 812 CertificateList cert_list = CreateCertificateListFromFile( 813 GetTestCertsDirectory(), "ok_cert.pem", 814 X509Certificate::FORMAT_AUTO); 815 ASSERT_EQ(1U, cert_list.size()); 816 scoped_refptr<X509Certificate> cert(cert_list[0]); 817 818 CertVerifyResult verify_result; 819 int error = 0; 820 821 // Intranet names for public CAs should be flagged: 822 verify_proc_ = new WellKnownCaCertVerifyProc(true); 823 error = 824 Verify(cert.get(), "intranet", 0, NULL, empty_cert_list_, &verify_result); 825 EXPECT_EQ(OK, error); 826 EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_NON_UNIQUE_NAME); 827 828 // However, if the CA is not well known, these should not be flagged: 829 verify_proc_ = new WellKnownCaCertVerifyProc(false); 830 error = 831 Verify(cert.get(), "intranet", 0, NULL, empty_cert_list_, &verify_result); 832 EXPECT_EQ(OK, error); 833 EXPECT_FALSE(verify_result.cert_status & CERT_STATUS_NON_UNIQUE_NAME); 834} 835 836// Test that the certificate returned in CertVerifyResult is able to reorder 837// certificates that are not ordered from end-entity to root. While this is 838// a protocol violation if sent during a TLS handshake, if multiple sources 839// of intermediate certificates are combined, it's possible that order may 840// not be maintained. 841TEST_F(CertVerifyProcTest, VerifyReturnChainProperlyOrdered) { 842 if (!SupportsReturningVerifiedChain()) { 843 LOG(INFO) << "Skipping this test in this platform."; 844 return; 845 } 846 847 base::FilePath certs_dir = GetTestCertsDirectory(); 848 CertificateList certs = CreateCertificateListFromFile( 849 certs_dir, "x509_verify_results.chain.pem", 850 X509Certificate::FORMAT_AUTO); 851 ASSERT_EQ(3U, certs.size()); 852 853 // Construct the chain out of order. 854 X509Certificate::OSCertHandles intermediates; 855 intermediates.push_back(certs[2]->os_cert_handle()); 856 intermediates.push_back(certs[1]->os_cert_handle()); 857 858 ScopedTestRoot scoped_root(certs[2].get()); 859 860 scoped_refptr<X509Certificate> google_full_chain = 861 X509Certificate::CreateFromHandle(certs[0]->os_cert_handle(), 862 intermediates); 863 ASSERT_NE(static_cast<X509Certificate*>(NULL), google_full_chain.get()); 864 ASSERT_EQ(2U, google_full_chain->GetIntermediateCertificates().size()); 865 866 CertVerifyResult verify_result; 867 EXPECT_EQ(static_cast<X509Certificate*>(NULL), 868 verify_result.verified_cert.get()); 869 int error = Verify(google_full_chain.get(), 870 "127.0.0.1", 871 0, 872 NULL, 873 empty_cert_list_, 874 &verify_result); 875 EXPECT_EQ(OK, error); 876 ASSERT_NE(static_cast<X509Certificate*>(NULL), 877 verify_result.verified_cert.get()); 878 879 EXPECT_NE(google_full_chain, verify_result.verified_cert); 880 EXPECT_TRUE(X509Certificate::IsSameOSCert( 881 google_full_chain->os_cert_handle(), 882 verify_result.verified_cert->os_cert_handle())); 883 const X509Certificate::OSCertHandles& return_intermediates = 884 verify_result.verified_cert->GetIntermediateCertificates(); 885 ASSERT_EQ(2U, return_intermediates.size()); 886 EXPECT_TRUE(X509Certificate::IsSameOSCert(return_intermediates[0], 887 certs[1]->os_cert_handle())); 888 EXPECT_TRUE(X509Certificate::IsSameOSCert(return_intermediates[1], 889 certs[2]->os_cert_handle())); 890} 891 892// Test that Verify() filters out certificates which are not related to 893// or part of the certificate chain being verified. 894TEST_F(CertVerifyProcTest, VerifyReturnChainFiltersUnrelatedCerts) { 895 if (!SupportsReturningVerifiedChain()) { 896 LOG(INFO) << "Skipping this test in this platform."; 897 return; 898 } 899 900 base::FilePath certs_dir = GetTestCertsDirectory(); 901 CertificateList certs = CreateCertificateListFromFile( 902 certs_dir, "x509_verify_results.chain.pem", 903 X509Certificate::FORMAT_AUTO); 904 ASSERT_EQ(3U, certs.size()); 905 ScopedTestRoot scoped_root(certs[2].get()); 906 907 scoped_refptr<X509Certificate> unrelated_certificate = 908 ImportCertFromFile(certs_dir, "duplicate_cn_1.pem"); 909 scoped_refptr<X509Certificate> unrelated_certificate2 = 910 ImportCertFromFile(certs_dir, "aia-cert.pem"); 911 ASSERT_NE(static_cast<X509Certificate*>(NULL), unrelated_certificate.get()); 912 ASSERT_NE(static_cast<X509Certificate*>(NULL), unrelated_certificate2.get()); 913 914 // Interject unrelated certificates into the list of intermediates. 915 X509Certificate::OSCertHandles intermediates; 916 intermediates.push_back(unrelated_certificate->os_cert_handle()); 917 intermediates.push_back(certs[1]->os_cert_handle()); 918 intermediates.push_back(unrelated_certificate2->os_cert_handle()); 919 intermediates.push_back(certs[2]->os_cert_handle()); 920 921 scoped_refptr<X509Certificate> google_full_chain = 922 X509Certificate::CreateFromHandle(certs[0]->os_cert_handle(), 923 intermediates); 924 ASSERT_NE(static_cast<X509Certificate*>(NULL), google_full_chain.get()); 925 ASSERT_EQ(4U, google_full_chain->GetIntermediateCertificates().size()); 926 927 CertVerifyResult verify_result; 928 EXPECT_EQ(static_cast<X509Certificate*>(NULL), 929 verify_result.verified_cert.get()); 930 int error = Verify(google_full_chain.get(), 931 "127.0.0.1", 932 0, 933 NULL, 934 empty_cert_list_, 935 &verify_result); 936 EXPECT_EQ(OK, error); 937 ASSERT_NE(static_cast<X509Certificate*>(NULL), 938 verify_result.verified_cert.get()); 939 940 EXPECT_NE(google_full_chain, verify_result.verified_cert); 941 EXPECT_TRUE(X509Certificate::IsSameOSCert( 942 google_full_chain->os_cert_handle(), 943 verify_result.verified_cert->os_cert_handle())); 944 const X509Certificate::OSCertHandles& return_intermediates = 945 verify_result.verified_cert->GetIntermediateCertificates(); 946 ASSERT_EQ(2U, return_intermediates.size()); 947 EXPECT_TRUE(X509Certificate::IsSameOSCert(return_intermediates[0], 948 certs[1]->os_cert_handle())); 949 EXPECT_TRUE(X509Certificate::IsSameOSCert(return_intermediates[1], 950 certs[2]->os_cert_handle())); 951} 952 953TEST_F(CertVerifyProcTest, AdditionalTrustAnchors) { 954 if (!SupportsAdditionalTrustAnchors()) { 955 LOG(INFO) << "Skipping this test in this platform."; 956 return; 957 } 958 959 // |ca_cert| is the issuer of |cert|. 960 CertificateList ca_cert_list = CreateCertificateListFromFile( 961 GetTestCertsDirectory(), "root_ca_cert.pem", 962 X509Certificate::FORMAT_AUTO); 963 ASSERT_EQ(1U, ca_cert_list.size()); 964 scoped_refptr<X509Certificate> ca_cert(ca_cert_list[0]); 965 966 CertificateList cert_list = CreateCertificateListFromFile( 967 GetTestCertsDirectory(), "ok_cert.pem", 968 X509Certificate::FORMAT_AUTO); 969 ASSERT_EQ(1U, cert_list.size()); 970 scoped_refptr<X509Certificate> cert(cert_list[0]); 971 972 // Verification of |cert| fails when |ca_cert| is not in the trust anchors 973 // list. 974 int flags = 0; 975 CertVerifyResult verify_result; 976 int error = Verify( 977 cert.get(), "127.0.0.1", flags, NULL, empty_cert_list_, &verify_result); 978 EXPECT_EQ(ERR_CERT_AUTHORITY_INVALID, error); 979 EXPECT_EQ(CERT_STATUS_AUTHORITY_INVALID, verify_result.cert_status); 980 EXPECT_FALSE(verify_result.is_issued_by_additional_trust_anchor); 981 982 // Now add the |ca_cert| to the |trust_anchors|, and verification should pass. 983 CertificateList trust_anchors; 984 trust_anchors.push_back(ca_cert); 985 error = Verify( 986 cert.get(), "127.0.0.1", flags, NULL, trust_anchors, &verify_result); 987 EXPECT_EQ(OK, error); 988 EXPECT_EQ(0U, verify_result.cert_status); 989 EXPECT_TRUE(verify_result.is_issued_by_additional_trust_anchor); 990 991 // Clearing the |trust_anchors| makes verification fail again (the cache 992 // should be skipped). 993 error = Verify( 994 cert.get(), "127.0.0.1", flags, NULL, empty_cert_list_, &verify_result); 995 EXPECT_EQ(ERR_CERT_AUTHORITY_INVALID, error); 996 EXPECT_EQ(CERT_STATUS_AUTHORITY_INVALID, verify_result.cert_status); 997 EXPECT_FALSE(verify_result.is_issued_by_additional_trust_anchor); 998} 999 1000// Tests that certificates issued by user-supplied roots are not flagged as 1001// issued by a known root. This should pass whether or not the platform supports 1002// detecting known roots. 1003TEST_F(CertVerifyProcTest, IsIssuedByKnownRootIgnoresTestRoots) { 1004 // Load root_ca_cert.pem into the test root store. 1005 TestRootCerts* root_certs = TestRootCerts::GetInstance(); 1006 root_certs->AddFromFile( 1007 GetTestCertsDirectory().AppendASCII("root_ca_cert.pem")); 1008 1009 CertificateList cert_list = CreateCertificateListFromFile( 1010 GetTestCertsDirectory(), "ok_cert.pem", 1011 X509Certificate::FORMAT_AUTO); 1012 ASSERT_EQ(1U, cert_list.size()); 1013 scoped_refptr<X509Certificate> cert(cert_list[0]); 1014 1015 // Verification should pass. 1016 int flags = 0; 1017 CertVerifyResult verify_result; 1018 int error = Verify( 1019 cert.get(), "127.0.0.1", flags, NULL, empty_cert_list_, &verify_result); 1020 EXPECT_EQ(OK, error); 1021 EXPECT_EQ(0U, verify_result.cert_status); 1022 // But should not be marked as a known root. 1023 EXPECT_FALSE(verify_result.is_issued_by_known_root); 1024 1025 root_certs->Clear(); 1026 EXPECT_TRUE(root_certs->IsEmpty()); 1027} 1028 1029#if defined(OS_MACOSX) && !defined(OS_IOS) 1030// Tests that, on OS X, issues with a cross-certified Baltimore CyberTrust 1031// Root can be successfully worked around once Apple completes removing the 1032// older GTE CyberTrust Root from its trusted root store. 1033// 1034// The issue is caused by servers supplying the cross-certified intermediate 1035// (necessary for certain mobile platforms), which OS X does not recognize 1036// as already existing within its trust store. 1037TEST_F(CertVerifyProcTest, CybertrustGTERoot) { 1038 CertificateList certs = CreateCertificateListFromFile( 1039 GetTestCertsDirectory(), 1040 "cybertrust_omniroot_chain.pem", 1041 X509Certificate::FORMAT_PEM_CERT_SEQUENCE); 1042 ASSERT_EQ(2U, certs.size()); 1043 1044 X509Certificate::OSCertHandles intermediates; 1045 intermediates.push_back(certs[1]->os_cert_handle()); 1046 1047 scoped_refptr<X509Certificate> cybertrust_basic = 1048 X509Certificate::CreateFromHandle(certs[0]->os_cert_handle(), 1049 intermediates); 1050 ASSERT_TRUE(cybertrust_basic.get()); 1051 1052 scoped_refptr<X509Certificate> baltimore_root = 1053 ImportCertFromFile(GetTestCertsDirectory(), 1054 "cybertrust_baltimore_root.pem"); 1055 ASSERT_TRUE(baltimore_root.get()); 1056 1057 ScopedTestRoot scoped_root(baltimore_root.get()); 1058 1059 // Ensure that ONLY the Baltimore CyberTrust Root is trusted. This 1060 // simulates Keychain removing support for the GTE CyberTrust Root. 1061 TestRootCerts::GetInstance()->SetAllowSystemTrust(false); 1062 base::ScopedClosureRunner reset_system_trust( 1063 base::Bind(&TestRootCerts::SetAllowSystemTrust, 1064 base::Unretained(TestRootCerts::GetInstance()), 1065 true)); 1066 1067 // First, make sure a simple certificate chain from 1068 // EE -> Public SureServer SV -> Baltimore CyberTrust 1069 // works. Only the first two certificates are included in the chain. 1070 int flags = 0; 1071 CertVerifyResult verify_result; 1072 int error = Verify(cybertrust_basic.get(), 1073 "cacert.omniroot.com", 1074 flags, 1075 NULL, 1076 empty_cert_list_, 1077 &verify_result); 1078 EXPECT_EQ(OK, error); 1079 EXPECT_EQ(CERT_STATUS_SHA1_SIGNATURE_PRESENT, verify_result.cert_status); 1080 1081 // Attempt to verify with the first known cross-certified intermediate 1082 // provided. 1083 scoped_refptr<X509Certificate> baltimore_intermediate_1 = 1084 ImportCertFromFile(GetTestCertsDirectory(), 1085 "cybertrust_baltimore_cross_certified_1.pem"); 1086 ASSERT_TRUE(baltimore_intermediate_1.get()); 1087 1088 X509Certificate::OSCertHandles intermediate_chain_1 = 1089 cybertrust_basic->GetIntermediateCertificates(); 1090 intermediate_chain_1.push_back(baltimore_intermediate_1->os_cert_handle()); 1091 1092 scoped_refptr<X509Certificate> baltimore_chain_1 = 1093 X509Certificate::CreateFromHandle(cybertrust_basic->os_cert_handle(), 1094 intermediate_chain_1); 1095 error = Verify(baltimore_chain_1.get(), 1096 "cacert.omniroot.com", 1097 flags, 1098 NULL, 1099 empty_cert_list_, 1100 &verify_result); 1101 EXPECT_EQ(OK, error); 1102 EXPECT_EQ(CERT_STATUS_SHA1_SIGNATURE_PRESENT, verify_result.cert_status); 1103 1104 // Attempt to verify with the second known cross-certified intermediate 1105 // provided. 1106 scoped_refptr<X509Certificate> baltimore_intermediate_2 = 1107 ImportCertFromFile(GetTestCertsDirectory(), 1108 "cybertrust_baltimore_cross_certified_2.pem"); 1109 ASSERT_TRUE(baltimore_intermediate_2.get()); 1110 1111 X509Certificate::OSCertHandles intermediate_chain_2 = 1112 cybertrust_basic->GetIntermediateCertificates(); 1113 intermediate_chain_2.push_back(baltimore_intermediate_2->os_cert_handle()); 1114 1115 scoped_refptr<X509Certificate> baltimore_chain_2 = 1116 X509Certificate::CreateFromHandle(cybertrust_basic->os_cert_handle(), 1117 intermediate_chain_2); 1118 error = Verify(baltimore_chain_2.get(), 1119 "cacert.omniroot.com", 1120 flags, 1121 NULL, 1122 empty_cert_list_, 1123 &verify_result); 1124 EXPECT_EQ(OK, error); 1125 EXPECT_EQ(CERT_STATUS_SHA1_SIGNATURE_PRESENT, verify_result.cert_status); 1126 1127 // Attempt to verify when both a cross-certified intermediate AND 1128 // the legacy GTE root are provided. 1129 scoped_refptr<X509Certificate> cybertrust_root = 1130 ImportCertFromFile(GetTestCertsDirectory(), 1131 "cybertrust_gte_root.pem"); 1132 ASSERT_TRUE(cybertrust_root.get()); 1133 1134 intermediate_chain_2.push_back(cybertrust_root->os_cert_handle()); 1135 scoped_refptr<X509Certificate> baltimore_chain_with_root = 1136 X509Certificate::CreateFromHandle(cybertrust_basic->os_cert_handle(), 1137 intermediate_chain_2); 1138 error = Verify(baltimore_chain_with_root.get(), 1139 "cacert.omniroot.com", 1140 flags, 1141 NULL, 1142 empty_cert_list_, 1143 &verify_result); 1144 EXPECT_EQ(OK, error); 1145 EXPECT_EQ(CERT_STATUS_SHA1_SIGNATURE_PRESENT, verify_result.cert_status); 1146 1147 TestRootCerts::GetInstance()->Clear(); 1148 EXPECT_TRUE(TestRootCerts::GetInstance()->IsEmpty()); 1149} 1150#endif 1151 1152#if defined(USE_NSS) || defined(OS_IOS) || defined(OS_WIN) || defined(OS_MACOSX) 1153// Test that CRLSets are effective in making a certificate appear to be 1154// revoked. 1155TEST_F(CertVerifyProcTest, CRLSet) { 1156 CertificateList ca_cert_list = 1157 CreateCertificateListFromFile(GetTestCertsDirectory(), 1158 "root_ca_cert.pem", 1159 X509Certificate::FORMAT_AUTO); 1160 ASSERT_EQ(1U, ca_cert_list.size()); 1161 ScopedTestRoot test_root(ca_cert_list[0].get()); 1162 1163 CertificateList cert_list = CreateCertificateListFromFile( 1164 GetTestCertsDirectory(), "ok_cert.pem", X509Certificate::FORMAT_AUTO); 1165 ASSERT_EQ(1U, cert_list.size()); 1166 scoped_refptr<X509Certificate> cert(cert_list[0]); 1167 1168 int flags = 0; 1169 CertVerifyResult verify_result; 1170 int error = Verify( 1171 cert.get(), "127.0.0.1", flags, NULL, empty_cert_list_, &verify_result); 1172 EXPECT_EQ(OK, error); 1173 EXPECT_EQ(0U, verify_result.cert_status); 1174 1175 scoped_refptr<CRLSet> crl_set; 1176 std::string crl_set_bytes; 1177 1178 // First test blocking by SPKI. 1179 EXPECT_TRUE(base::ReadFileToString( 1180 GetTestCertsDirectory().AppendASCII("crlset_by_leaf_spki.raw"), 1181 &crl_set_bytes)); 1182 ASSERT_TRUE(CRLSetStorage::Parse(crl_set_bytes, &crl_set)); 1183 1184 error = Verify(cert.get(), 1185 "127.0.0.1", 1186 flags, 1187 crl_set.get(), 1188 empty_cert_list_, 1189 &verify_result); 1190 EXPECT_EQ(ERR_CERT_REVOKED, error); 1191 1192 // Second, test revocation by serial number of a cert directly under the 1193 // root. 1194 crl_set_bytes.clear(); 1195 EXPECT_TRUE(base::ReadFileToString( 1196 GetTestCertsDirectory().AppendASCII("crlset_by_root_serial.raw"), 1197 &crl_set_bytes)); 1198 ASSERT_TRUE(CRLSetStorage::Parse(crl_set_bytes, &crl_set)); 1199 1200 error = Verify(cert.get(), 1201 "127.0.0.1", 1202 flags, 1203 crl_set.get(), 1204 empty_cert_list_, 1205 &verify_result); 1206 EXPECT_EQ(ERR_CERT_REVOKED, error); 1207} 1208 1209TEST_F(CertVerifyProcTest, CRLSetLeafSerial) { 1210 CertificateList ca_cert_list = 1211 CreateCertificateListFromFile(GetTestCertsDirectory(), 1212 "quic_root.crt", 1213 X509Certificate::FORMAT_AUTO); 1214 ASSERT_EQ(1U, ca_cert_list.size()); 1215 ScopedTestRoot test_root(ca_cert_list[0].get()); 1216 1217 CertificateList intermediate_cert_list = 1218 CreateCertificateListFromFile(GetTestCertsDirectory(), 1219 "quic_intermediate.crt", 1220 X509Certificate::FORMAT_AUTO); 1221 ASSERT_EQ(1U, intermediate_cert_list.size()); 1222 X509Certificate::OSCertHandles intermediates; 1223 intermediates.push_back(intermediate_cert_list[0]->os_cert_handle()); 1224 1225 CertificateList cert_list = CreateCertificateListFromFile( 1226 GetTestCertsDirectory(), "quic_test.example.com.crt", 1227 X509Certificate::FORMAT_AUTO); 1228 ASSERT_EQ(1U, cert_list.size()); 1229 1230 scoped_refptr<X509Certificate> leaf = 1231 X509Certificate::CreateFromHandle(cert_list[0]->os_cert_handle(), 1232 intermediates); 1233 1234 int flags = 0; 1235 CertVerifyResult verify_result; 1236 int error = Verify(leaf.get(), 1237 "test.example.com", 1238 flags, 1239 NULL, 1240 empty_cert_list_, 1241 &verify_result); 1242 EXPECT_EQ(OK, error); 1243 EXPECT_EQ(CERT_STATUS_SHA1_SIGNATURE_PRESENT, verify_result.cert_status); 1244 1245 // Test revocation by serial number of a certificate not under the root. 1246 scoped_refptr<CRLSet> crl_set; 1247 std::string crl_set_bytes; 1248 ASSERT_TRUE(base::ReadFileToString( 1249 GetTestCertsDirectory().AppendASCII("crlset_by_intermediate_serial.raw"), 1250 &crl_set_bytes)); 1251 ASSERT_TRUE(CRLSetStorage::Parse(crl_set_bytes, &crl_set)); 1252 1253 error = Verify(leaf.get(), 1254 "test.example.com", 1255 flags, 1256 crl_set.get(), 1257 empty_cert_list_, 1258 &verify_result); 1259 EXPECT_EQ(ERR_CERT_REVOKED, error); 1260} 1261#endif 1262 1263enum ExpectedAlgorithms { 1264 EXPECT_MD2 = 1 << 0, 1265 EXPECT_MD4 = 1 << 1, 1266 EXPECT_MD5 = 1 << 2, 1267 EXPECT_SHA1 = 1 << 3 1268}; 1269 1270struct WeakDigestTestData { 1271 const char* root_cert_filename; 1272 const char* intermediate_cert_filename; 1273 const char* ee_cert_filename; 1274 int expected_algorithms; 1275}; 1276 1277// GTest 'magic' pretty-printer, so that if/when a test fails, it knows how 1278// to output the parameter that was passed. Without this, it will simply 1279// attempt to print out the first twenty bytes of the object, which depending 1280// on platform and alignment, may result in an invalid read. 1281void PrintTo(const WeakDigestTestData& data, std::ostream* os) { 1282 *os << "root: " 1283 << (data.root_cert_filename ? data.root_cert_filename : "none") 1284 << "; intermediate: " << data.intermediate_cert_filename 1285 << "; end-entity: " << data.ee_cert_filename; 1286} 1287 1288class CertVerifyProcWeakDigestTest 1289 : public CertVerifyProcTest, 1290 public testing::WithParamInterface<WeakDigestTestData> { 1291 public: 1292 CertVerifyProcWeakDigestTest() {} 1293 virtual ~CertVerifyProcWeakDigestTest() {} 1294}; 1295 1296TEST_P(CertVerifyProcWeakDigestTest, Verify) { 1297 WeakDigestTestData data = GetParam(); 1298 base::FilePath certs_dir = GetTestCertsDirectory(); 1299 1300 ScopedTestRoot test_root; 1301 if (data.root_cert_filename) { 1302 scoped_refptr<X509Certificate> root_cert = 1303 ImportCertFromFile(certs_dir, data.root_cert_filename); 1304 ASSERT_NE(static_cast<X509Certificate*>(NULL), root_cert.get()); 1305 test_root.Reset(root_cert.get()); 1306 } 1307 1308 scoped_refptr<X509Certificate> intermediate_cert = 1309 ImportCertFromFile(certs_dir, data.intermediate_cert_filename); 1310 ASSERT_NE(static_cast<X509Certificate*>(NULL), intermediate_cert.get()); 1311 scoped_refptr<X509Certificate> ee_cert = 1312 ImportCertFromFile(certs_dir, data.ee_cert_filename); 1313 ASSERT_NE(static_cast<X509Certificate*>(NULL), ee_cert.get()); 1314 1315 X509Certificate::OSCertHandles intermediates; 1316 intermediates.push_back(intermediate_cert->os_cert_handle()); 1317 1318 scoped_refptr<X509Certificate> ee_chain = 1319 X509Certificate::CreateFromHandle(ee_cert->os_cert_handle(), 1320 intermediates); 1321 ASSERT_NE(static_cast<X509Certificate*>(NULL), ee_chain.get()); 1322 1323 int flags = 0; 1324 CertVerifyResult verify_result; 1325 int rv = Verify(ee_chain.get(), 1326 "127.0.0.1", 1327 flags, 1328 NULL, 1329 empty_cert_list_, 1330 &verify_result); 1331 EXPECT_EQ(!!(data.expected_algorithms & EXPECT_MD2), verify_result.has_md2); 1332 EXPECT_EQ(!!(data.expected_algorithms & EXPECT_MD4), verify_result.has_md4); 1333 EXPECT_EQ(!!(data.expected_algorithms & EXPECT_MD5), verify_result.has_md5); 1334 EXPECT_EQ(!!(data.expected_algorithms & EXPECT_SHA1), verify_result.has_sha1); 1335 1336 EXPECT_FALSE(verify_result.is_issued_by_additional_trust_anchor); 1337 1338 // Ensure that MD4 and MD2 are tagged as invalid. 1339 if (data.expected_algorithms & (EXPECT_MD2 | EXPECT_MD4)) { 1340 EXPECT_EQ(CERT_STATUS_INVALID, 1341 verify_result.cert_status & CERT_STATUS_INVALID); 1342 } 1343 1344 // Ensure that MD5 is flagged as weak. 1345 if (data.expected_algorithms & EXPECT_MD5) { 1346 EXPECT_EQ( 1347 CERT_STATUS_WEAK_SIGNATURE_ALGORITHM, 1348 verify_result.cert_status & CERT_STATUS_WEAK_SIGNATURE_ALGORITHM); 1349 } 1350 1351 // If a root cert is present, then check that the chain was rejected if any 1352 // weak algorithms are present. This is only checked when a root cert is 1353 // present because the error reported for incomplete chains with weak 1354 // algorithms depends on which implementation was used to validate (NSS, 1355 // OpenSSL, CryptoAPI, Security.framework) and upon which weak algorithm 1356 // present (MD2, MD4, MD5). 1357 if (data.root_cert_filename) { 1358 if (data.expected_algorithms & (EXPECT_MD2 | EXPECT_MD4)) { 1359 EXPECT_EQ(ERR_CERT_INVALID, rv); 1360 } else if (data.expected_algorithms & EXPECT_MD5) { 1361 EXPECT_EQ(ERR_CERT_WEAK_SIGNATURE_ALGORITHM, rv); 1362 } else { 1363 EXPECT_EQ(OK, rv); 1364 } 1365 } 1366} 1367 1368// Unlike TEST/TEST_F, which are macros that expand to further macros, 1369// INSTANTIATE_TEST_CASE_P is a macro that expands directly to code that 1370// stringizes the arguments. As a result, macros passed as parameters (such as 1371// prefix or test_case_name) will not be expanded by the preprocessor. To work 1372// around this, indirect the macro for INSTANTIATE_TEST_CASE_P, so that the 1373// pre-processor will expand macros such as MAYBE_test_name before 1374// instantiating the test. 1375#define WRAPPED_INSTANTIATE_TEST_CASE_P(prefix, test_case_name, generator) \ 1376 INSTANTIATE_TEST_CASE_P(prefix, test_case_name, generator) 1377 1378// The signature algorithm of the root CA should not matter. 1379const WeakDigestTestData kVerifyRootCATestData[] = { 1380 { "weak_digest_md5_root.pem", "weak_digest_sha1_intermediate.pem", 1381 "weak_digest_sha1_ee.pem", EXPECT_SHA1 }, 1382#if defined(USE_OPENSSL_CERTS) || defined(OS_WIN) 1383 // MD4 is not supported by OS X / NSS 1384 { "weak_digest_md4_root.pem", "weak_digest_sha1_intermediate.pem", 1385 "weak_digest_sha1_ee.pem", EXPECT_SHA1 }, 1386#endif 1387 { "weak_digest_md2_root.pem", "weak_digest_sha1_intermediate.pem", 1388 "weak_digest_sha1_ee.pem", EXPECT_SHA1 }, 1389}; 1390INSTANTIATE_TEST_CASE_P(VerifyRoot, CertVerifyProcWeakDigestTest, 1391 testing::ValuesIn(kVerifyRootCATestData)); 1392 1393// The signature algorithm of intermediates should be properly detected. 1394const WeakDigestTestData kVerifyIntermediateCATestData[] = { 1395 { "weak_digest_sha1_root.pem", "weak_digest_md5_intermediate.pem", 1396 "weak_digest_sha1_ee.pem", EXPECT_MD5 | EXPECT_SHA1 }, 1397#if defined(USE_OPENSSL_CERTS) || defined(OS_WIN) 1398 // MD4 is not supported by OS X / NSS 1399 { "weak_digest_sha1_root.pem", "weak_digest_md4_intermediate.pem", 1400 "weak_digest_sha1_ee.pem", EXPECT_MD4 | EXPECT_SHA1 }, 1401#endif 1402 { "weak_digest_sha1_root.pem", "weak_digest_md2_intermediate.pem", 1403 "weak_digest_sha1_ee.pem", EXPECT_MD2 | EXPECT_SHA1 }, 1404}; 1405// Disabled on NSS - MD4 is not supported, and MD2 and MD5 are disabled. 1406#if defined(USE_NSS) || defined(OS_IOS) 1407#define MAYBE_VerifyIntermediate DISABLED_VerifyIntermediate 1408#else 1409#define MAYBE_VerifyIntermediate VerifyIntermediate 1410#endif 1411WRAPPED_INSTANTIATE_TEST_CASE_P( 1412 MAYBE_VerifyIntermediate, 1413 CertVerifyProcWeakDigestTest, 1414 testing::ValuesIn(kVerifyIntermediateCATestData)); 1415 1416// The signature algorithm of end-entity should be properly detected. 1417const WeakDigestTestData kVerifyEndEntityTestData[] = { 1418 { "weak_digest_sha1_root.pem", "weak_digest_sha1_intermediate.pem", 1419 "weak_digest_md5_ee.pem", EXPECT_MD5 | EXPECT_SHA1 }, 1420#if defined(USE_OPENSSL_CERTS) || defined(OS_WIN) 1421 // MD4 is not supported by OS X / NSS 1422 { "weak_digest_sha1_root.pem", "weak_digest_sha1_intermediate.pem", 1423 "weak_digest_md4_ee.pem", EXPECT_MD4 | EXPECT_SHA1 }, 1424#endif 1425 { "weak_digest_sha1_root.pem", "weak_digest_sha1_intermediate.pem", 1426 "weak_digest_md2_ee.pem", EXPECT_MD2 | EXPECT_SHA1 }, 1427}; 1428// Disabled on NSS - NSS caches chains/signatures in such a way that cannot 1429// be cleared until NSS is cleanly shutdown, which is not presently supported 1430// in Chromium. 1431#if defined(USE_NSS) || defined(OS_IOS) 1432#define MAYBE_VerifyEndEntity DISABLED_VerifyEndEntity 1433#else 1434#define MAYBE_VerifyEndEntity VerifyEndEntity 1435#endif 1436WRAPPED_INSTANTIATE_TEST_CASE_P(MAYBE_VerifyEndEntity, 1437 CertVerifyProcWeakDigestTest, 1438 testing::ValuesIn(kVerifyEndEntityTestData)); 1439 1440// Incomplete chains should still report the status of the intermediate. 1441const WeakDigestTestData kVerifyIncompleteIntermediateTestData[] = { 1442 { NULL, "weak_digest_md5_intermediate.pem", "weak_digest_sha1_ee.pem", 1443 EXPECT_MD5 | EXPECT_SHA1 }, 1444#if defined(USE_OPENSSL_CERTS) || defined(OS_WIN) 1445 // MD4 is not supported by OS X / NSS 1446 { NULL, "weak_digest_md4_intermediate.pem", "weak_digest_sha1_ee.pem", 1447 EXPECT_MD4 | EXPECT_SHA1 }, 1448#endif 1449 { NULL, "weak_digest_md2_intermediate.pem", "weak_digest_sha1_ee.pem", 1450 EXPECT_MD2 | EXPECT_SHA1 }, 1451}; 1452// Disabled on NSS - libpkix does not return constructed chains on error, 1453// preventing us from detecting/inspecting the verified chain. 1454#if defined(USE_NSS) || defined(OS_IOS) 1455#define MAYBE_VerifyIncompleteIntermediate \ 1456 DISABLED_VerifyIncompleteIntermediate 1457#else 1458#define MAYBE_VerifyIncompleteIntermediate VerifyIncompleteIntermediate 1459#endif 1460WRAPPED_INSTANTIATE_TEST_CASE_P( 1461 MAYBE_VerifyIncompleteIntermediate, 1462 CertVerifyProcWeakDigestTest, 1463 testing::ValuesIn(kVerifyIncompleteIntermediateTestData)); 1464 1465// Incomplete chains should still report the status of the end-entity. 1466const WeakDigestTestData kVerifyIncompleteEETestData[] = { 1467 { NULL, "weak_digest_sha1_intermediate.pem", "weak_digest_md5_ee.pem", 1468 EXPECT_MD5 | EXPECT_SHA1 }, 1469#if defined(USE_OPENSSL_CERTS) || defined(OS_WIN) 1470 // MD4 is not supported by OS X / NSS 1471 { NULL, "weak_digest_sha1_intermediate.pem", "weak_digest_md4_ee.pem", 1472 EXPECT_MD4 | EXPECT_SHA1 }, 1473#endif 1474 { NULL, "weak_digest_sha1_intermediate.pem", "weak_digest_md2_ee.pem", 1475 EXPECT_MD2 | EXPECT_SHA1 }, 1476}; 1477// Disabled on NSS - libpkix does not return constructed chains on error, 1478// preventing us from detecting/inspecting the verified chain. 1479#if defined(USE_NSS) || defined(OS_IOS) 1480#define MAYBE_VerifyIncompleteEndEntity DISABLED_VerifyIncompleteEndEntity 1481#else 1482#define MAYBE_VerifyIncompleteEndEntity VerifyIncompleteEndEntity 1483#endif 1484WRAPPED_INSTANTIATE_TEST_CASE_P( 1485 MAYBE_VerifyIncompleteEndEntity, 1486 CertVerifyProcWeakDigestTest, 1487 testing::ValuesIn(kVerifyIncompleteEETestData)); 1488 1489// Differing algorithms between the intermediate and the EE should still be 1490// reported. 1491const WeakDigestTestData kVerifyMixedTestData[] = { 1492 { "weak_digest_sha1_root.pem", "weak_digest_md5_intermediate.pem", 1493 "weak_digest_md2_ee.pem", EXPECT_MD2 | EXPECT_MD5 }, 1494 { "weak_digest_sha1_root.pem", "weak_digest_md2_intermediate.pem", 1495 "weak_digest_md5_ee.pem", EXPECT_MD2 | EXPECT_MD5 }, 1496#if defined(USE_OPENSSL_CERTS) || defined(OS_WIN) 1497 // MD4 is not supported by OS X / NSS 1498 { "weak_digest_sha1_root.pem", "weak_digest_md4_intermediate.pem", 1499 "weak_digest_md2_ee.pem", EXPECT_MD2 | EXPECT_MD4 }, 1500#endif 1501}; 1502// NSS does not support MD4 and does not enable MD2 by default, making all 1503// permutations invalid. 1504#if defined(USE_NSS) || defined(OS_IOS) 1505#define MAYBE_VerifyMixed DISABLED_VerifyMixed 1506#else 1507#define MAYBE_VerifyMixed VerifyMixed 1508#endif 1509WRAPPED_INSTANTIATE_TEST_CASE_P( 1510 MAYBE_VerifyMixed, 1511 CertVerifyProcWeakDigestTest, 1512 testing::ValuesIn(kVerifyMixedTestData)); 1513 1514// For the list of valid hostnames, see 1515// net/cert/data/ssl/certificates/subjectAltName_sanity_check.pem 1516static const struct CertVerifyProcNameData { 1517 const char* hostname; 1518 bool valid; // Whether or not |hostname| matches a subjectAltName. 1519} kVerifyNameData[] = { 1520 { "127.0.0.1", false }, // Don't match the common name 1521 { "127.0.0.2", true }, // Matches the iPAddress SAN (IPv4) 1522 { "FE80:0:0:0:0:0:0:1", true }, // Matches the iPAddress SAN (IPv6) 1523 { "[FE80:0:0:0:0:0:0:1]", false }, // Should not match the iPAddress SAN 1524 { "FE80::1", true }, // Compressed form matches the iPAddress SAN (IPv6) 1525 { "::127.0.0.2", false }, // IPv6 mapped form should NOT match iPAddress SAN 1526 { "test.example", true }, // Matches the dNSName SAN 1527 { "test.example.", true }, // Matches the dNSName SAN (trailing . ignored) 1528 { "www.test.example", false }, // Should not match the dNSName SAN 1529 { "test..example", false }, // Should not match the dNSName SAN 1530 { "test.example..", false }, // Should not match the dNSName SAN 1531 { ".test.example.", false }, // Should not match the dNSName SAN 1532 { ".test.example", false }, // Should not match the dNSName SAN 1533}; 1534 1535// GTest 'magic' pretty-printer, so that if/when a test fails, it knows how 1536// to output the parameter that was passed. Without this, it will simply 1537// attempt to print out the first twenty bytes of the object, which depending 1538// on platform and alignment, may result in an invalid read. 1539void PrintTo(const CertVerifyProcNameData& data, std::ostream* os) { 1540 *os << "Hostname: " << data.hostname << "; valid=" << data.valid; 1541} 1542 1543class CertVerifyProcNameTest 1544 : public CertVerifyProcTest, 1545 public testing::WithParamInterface<CertVerifyProcNameData> { 1546 public: 1547 CertVerifyProcNameTest() {} 1548 virtual ~CertVerifyProcNameTest() {} 1549}; 1550 1551TEST_P(CertVerifyProcNameTest, VerifyCertName) { 1552 CertVerifyProcNameData data = GetParam(); 1553 1554 CertificateList cert_list = CreateCertificateListFromFile( 1555 GetTestCertsDirectory(), "subjectAltName_sanity_check.pem", 1556 X509Certificate::FORMAT_AUTO); 1557 ASSERT_EQ(1U, cert_list.size()); 1558 scoped_refptr<X509Certificate> cert(cert_list[0]); 1559 1560 ScopedTestRoot scoped_root(cert.get()); 1561 1562 CertVerifyResult verify_result; 1563 int error = Verify(cert.get(), data.hostname, 0, NULL, empty_cert_list_, 1564 &verify_result); 1565 if (data.valid) { 1566 EXPECT_EQ(OK, error); 1567 EXPECT_FALSE(verify_result.cert_status & CERT_STATUS_COMMON_NAME_INVALID); 1568 } else { 1569 EXPECT_EQ(ERR_CERT_COMMON_NAME_INVALID, error); 1570 EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_COMMON_NAME_INVALID); 1571 } 1572} 1573 1574WRAPPED_INSTANTIATE_TEST_CASE_P( 1575 VerifyName, 1576 CertVerifyProcNameTest, 1577 testing::ValuesIn(kVerifyNameData)); 1578 1579} // namespace net 1580