search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Correct blacklist entry message
[chromium-blink-merge.git] / net / socket / nss_ssl_util.cc
blob7e3aee430c4417353bca38270ea2f4564e90a0e0
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/socket/nss_ssl_util.h"
6
7 #include <nss.h>
8 #include <secerr.h>
9 #include <ssl.h>
10 #include <sslerr.h>
11 #include <sslproto.h>
12
13 #include <string>
14
15 #include "base/bind.h"
16 #include "base/lazy_instance.h"
17 #include "base/logging.h"
18 #include "base/memory/singleton.h"
19 #include "base/threading/thread_restrictions.h"
20 #include "base/values.h"
21 #include "build/build_config.h"
22 #include "crypto/nss_util.h"
23 #include "net/base/net_errors.h"
24 #include "net/base/net_log.h"
25
26 #if defined(OS_WIN)
27 #include "base/win/windows_version.h"
28 #endif
29
30 namespace net {
31
32 class NSSSSLInitSingleton {
33 public:
34 NSSSSLInitSingleton() {
35 crypto::EnsureNSSInit();
36
37 NSS_SetDomesticPolicy();
38
39 const PRUint16* const ssl_ciphers = SSL_GetImplementedCiphers();
40 const PRUint16 num_ciphers = SSL_GetNumImplementedCiphers();
41
42 // Disable ECDSA cipher suites on platforms that do not support ECDSA
43 // signed certificates, as servers may use the presence of such
44 // ciphersuites as a hint to send an ECDSA certificate.
45 bool disableECDSA = false;
46 #if defined(OS_WIN)
47 if (base::win::GetVersion() < base::win::VERSION_VISTA)
48 disableECDSA = true;
49 #endif
50
51 // Explicitly enable exactly those ciphers with keys of at least 80 bits
52 for (int i = 0; i < num_ciphers; i++) {
53 SSLCipherSuiteInfo info;
54 if (SSL_GetCipherSuiteInfo(ssl_ciphers[i], &info,
55 sizeof(info)) == SECSuccess) {
56 bool enabled = info.effectiveKeyBits >= 80;
57 if (info.authAlgorithm == ssl_auth_ecdsa && disableECDSA)
58 enabled = false;
59
60 // Trim the list of cipher suites in order to keep the size of the
61 // ClientHello down. DSS, ECDH, CAMELLIA, SEED, ECC+3DES, and
62 // HMAC-SHA256 cipher suites are disabled.
63 if (info.symCipher == ssl_calg_camellia ||
64 info.symCipher == ssl_calg_seed ||
65 (info.symCipher == ssl_calg_3des && info.keaType != ssl_kea_rsa) ||
66 info.authAlgorithm == ssl_auth_dsa ||
67 info.macAlgorithm == ssl_hmac_sha256 ||
68 info.nonStandard ||
69 strcmp(info.keaTypeName, "ECDH") == 0) {
70 enabled = false;
71 }
72
73 if (ssl_ciphers[i] == TLS_DHE_DSS_WITH_AES_128_CBC_SHA) {
74 // Enabled to allow servers with only a DSA certificate to function.
75 enabled = true;
76 }
77 SSL_CipherPrefSetDefault(ssl_ciphers[i], enabled);
78 }
79 }
80
81 // Enable SSL.
82 SSL_OptionSetDefault(SSL_SECURITY, PR_TRUE);
83
84 // All other SSL options are set per-session by SSLClientSocket and
85 // SSLServerSocket.
86 }
87
88 ~NSSSSLInitSingleton() {
89 // Have to clear the cache, or NSS_Shutdown fails with SEC_ERROR_BUSY.
90 SSL_ClearSessionCache();
91 }
92 };
93
94 static base::LazyInstance<NSSSSLInitSingleton> g_nss_ssl_init_singleton =
95 LAZY_INSTANCE_INITIALIZER;
96
97 // Initialize the NSS SSL library if it isn't already initialized. This must
98 // be called before any other NSS SSL functions. This function is
99 // thread-safe, and the NSS SSL library will only ever be initialized once.
100 // The NSS SSL library will be properly shut down on program exit.
101 void EnsureNSSSSLInit() {
102 // Initializing SSL causes us to do blocking IO.
103 // Temporarily allow it until we fix
104 // http://code.google.com/p/chromium/issues/detail?id=59847
105 base::ThreadRestrictions::ScopedAllowIO allow_io;
106
107 g_nss_ssl_init_singleton.Get();
108 }
109
110 // Map a Chromium net error code to an NSS error code.
111 // See _MD_unix_map_default_error in the NSS source
112 // tree for inspiration.
113 PRErrorCode MapErrorToNSS(int result) {
114 if (result >=0)
115 return result;
116
117 switch (result) {
118 case ERR_IO_PENDING:
119 return PR_WOULD_BLOCK_ERROR;
120 case ERR_ACCESS_DENIED:
121 case ERR_NETWORK_ACCESS_DENIED:
122 // For connect, this could be mapped to PR_ADDRESS_NOT_SUPPORTED_ERROR.
123 return PR_NO_ACCESS_RIGHTS_ERROR;
124 case ERR_NOT_IMPLEMENTED:
125 return PR_NOT_IMPLEMENTED_ERROR;
126 case ERR_SOCKET_NOT_CONNECTED:
127 return PR_NOT_CONNECTED_ERROR;
128 case ERR_INTERNET_DISCONNECTED: // Equivalent to ENETDOWN.
129 return PR_NETWORK_UNREACHABLE_ERROR; // Best approximation.
130 case ERR_CONNECTION_TIMED_OUT:
131 case ERR_TIMED_OUT:
132 return PR_IO_TIMEOUT_ERROR;
133 case ERR_CONNECTION_RESET:
134 return PR_CONNECT_RESET_ERROR;
135 case ERR_CONNECTION_ABORTED:
136 return PR_CONNECT_ABORTED_ERROR;
137 case ERR_CONNECTION_REFUSED:
138 return PR_CONNECT_REFUSED_ERROR;
139 case ERR_ADDRESS_UNREACHABLE:
140 return PR_HOST_UNREACHABLE_ERROR; // Also PR_NETWORK_UNREACHABLE_ERROR.
141 case ERR_ADDRESS_INVALID:
142 return PR_ADDRESS_NOT_AVAILABLE_ERROR;
143 case ERR_NAME_NOT_RESOLVED:
144 return PR_DIRECTORY_LOOKUP_ERROR;
145 default:
146 LOG(WARNING) << "MapErrorToNSS " << result
147 << " mapped to PR_UNKNOWN_ERROR";
148 return PR_UNKNOWN_ERROR;
149 }
150 }
151
152 // The default error mapping function.
153 // Maps an NSS error code to a network error code.
154 int MapNSSError(PRErrorCode err) {
155 // TODO(port): fill this out as we learn what's important
156 switch (err) {
157 case PR_WOULD_BLOCK_ERROR:
158 return ERR_IO_PENDING;
159 case PR_ADDRESS_NOT_SUPPORTED_ERROR: // For connect.
160 case PR_NO_ACCESS_RIGHTS_ERROR:
161 return ERR_ACCESS_DENIED;
162 case PR_IO_TIMEOUT_ERROR:
163 return ERR_TIMED_OUT;
164 case PR_CONNECT_RESET_ERROR:
165 return ERR_CONNECTION_RESET;
166 case PR_CONNECT_ABORTED_ERROR:
167 return ERR_CONNECTION_ABORTED;
168 case PR_CONNECT_REFUSED_ERROR:
169 return ERR_CONNECTION_REFUSED;
170 case PR_NOT_CONNECTED_ERROR:
171 return ERR_SOCKET_NOT_CONNECTED;
172 case PR_HOST_UNREACHABLE_ERROR:
173 case PR_NETWORK_UNREACHABLE_ERROR:
174 return ERR_ADDRESS_UNREACHABLE;
175 case PR_ADDRESS_NOT_AVAILABLE_ERROR:
176 return ERR_ADDRESS_INVALID;
177 case PR_INVALID_ARGUMENT_ERROR:
178 return ERR_INVALID_ARGUMENT;
179 case PR_END_OF_FILE_ERROR:
180 return ERR_CONNECTION_CLOSED;
181 case PR_NOT_IMPLEMENTED_ERROR:
182 return ERR_NOT_IMPLEMENTED;
183
184 case SEC_ERROR_LIBRARY_FAILURE:
185 return ERR_UNEXPECTED;
186 case SEC_ERROR_INVALID_ARGS:
187 return ERR_INVALID_ARGUMENT;
188 case SEC_ERROR_NO_MEMORY:
189 return ERR_OUT_OF_MEMORY;
190 case SEC_ERROR_NO_KEY:
191 return ERR_SSL_CLIENT_AUTH_CERT_NO_PRIVATE_KEY;
192 case SEC_ERROR_INVALID_KEY:
193 case SSL_ERROR_SIGN_HASHES_FAILURE:
194 LOG(ERROR) << "ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED: NSS error " << err
195 << ", OS error " << PR_GetOSError();
196 return ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED;
197 // A handshake (initial or renegotiation) may fail because some signature
198 // (for example, the signature in the ServerKeyExchange message for an
199 // ephemeral Diffie-Hellman cipher suite) is invalid.
200 case SEC_ERROR_BAD_SIGNATURE:
201 return ERR_SSL_PROTOCOL_ERROR;
202
203 case SSL_ERROR_SSL_DISABLED:
204 return ERR_NO_SSL_VERSIONS_ENABLED;
205 case SSL_ERROR_NO_CYPHER_OVERLAP:
206 case SSL_ERROR_PROTOCOL_VERSION_ALERT:
207 case SSL_ERROR_UNSUPPORTED_VERSION:
208 return ERR_SSL_VERSION_OR_CIPHER_MISMATCH;
209 case SSL_ERROR_HANDSHAKE_FAILURE_ALERT:
210 case SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT:
211 case SSL_ERROR_ILLEGAL_PARAMETER_ALERT:
212 return ERR_SSL_PROTOCOL_ERROR;
213 case SSL_ERROR_DECOMPRESSION_FAILURE_ALERT:
214 return ERR_SSL_DECOMPRESSION_FAILURE_ALERT;
215 case SSL_ERROR_BAD_MAC_ALERT:
216 return ERR_SSL_BAD_RECORD_MAC_ALERT;
217 case SSL_ERROR_DECRYPT_ERROR_ALERT:
218 return ERR_SSL_DECRYPT_ERROR_ALERT;
219 case SSL_ERROR_UNSAFE_NEGOTIATION:
220 return ERR_SSL_UNSAFE_NEGOTIATION;
221 case SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY:
222 return ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY;
223 case SSL_ERROR_HANDSHAKE_NOT_COMPLETED:
224 return ERR_SSL_HANDSHAKE_NOT_COMPLETED;
225 case SEC_ERROR_BAD_KEY:
226 case SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE:
227 // TODO(wtc): the following errors may also occur in contexts unrelated
228 // to the peer's public key. We should add new error codes for them, or
229 // map them to ERR_SSL_BAD_PEER_PUBLIC_KEY only in the right context.
230 // General unsupported/unknown key algorithm error.
231 case SEC_ERROR_UNSUPPORTED_KEYALG:
232 // General DER decoding errors.
233 case SEC_ERROR_BAD_DER:
234 case SEC_ERROR_EXTRA_INPUT:
235 return ERR_SSL_BAD_PEER_PUBLIC_KEY;
236 // During renegotiation, the server presented a different certificate than
237 // was used earlier.
238 case SSL_ERROR_WRONG_CERTIFICATE:
239 return ERR_SSL_SERVER_CERT_CHANGED;
240
241 default: {
242 if (IS_SSL_ERROR(err)) {
243 LOG(WARNING) << "Unknown SSL error " << err
244 << " mapped to net::ERR_SSL_PROTOCOL_ERROR";
245 return ERR_SSL_PROTOCOL_ERROR;
246 }
247 LOG(WARNING) << "Unknown error " << err << " mapped to net::ERR_FAILED";
248 return ERR_FAILED;
249 }
250 }
251 }
252
253 // Returns parameters to attach to the NetLog when we receive an error in
254 // response to a call to an NSS function. Used instead of
255 // NetLogSSLErrorCallback with events of type TYPE_SSL_NSS_ERROR.
256 base::Value* NetLogSSLFailedNSSFunctionCallback(
257 const char* function,
258 const char* param,
259 int ssl_lib_error,
260 NetLog::LogLevel /* log_level */) {
261 base::DictionaryValue* dict = new base::DictionaryValue();
262 dict->SetString("function", function);
263 if (param[0] != '\0')
264 dict->SetString("param", param);
265 dict->SetInteger("ssl_lib_error", ssl_lib_error);
266 return dict;
267 }
268
269 void LogFailedNSSFunction(const BoundNetLog& net_log,
270 const char* function,
271 const char* param) {
272 DCHECK(function);
273 DCHECK(param);
274 net_log.AddEvent(
275 NetLog::TYPE_SSL_NSS_ERROR,
276 base::Bind(&NetLogSSLFailedNSSFunctionCallback,
277 function, param, PR_GetError()));
278 }
279
280 } // namespace net