Roll src/third_party/WebKit d9c6159:8139f33 (svn 201974:201975)
[chromium-blink-merge.git] / net / cert / ct_log_verifier_nss.cc
blob75a87d610f681fa3e911dd45694c496e1987cae6
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/cert/ct_log_verifier.h"
7 #include <cryptohi.h>
8 #include <keyhi.h>
9 #include <nss.h>
10 #include <pk11pub.h>
11 #include <secitem.h>
12 #include <secoid.h>
14 #include "base/logging.h"
15 #include "crypto/nss_util.h"
16 #include "crypto/sha2.h"
17 #include "net/cert/signed_tree_head.h"
19 namespace net {
21 namespace {
23 SECOidTag GetNSSSigAlg(ct::DigitallySigned::SignatureAlgorithm alg) {
24 switch (alg) {
25 case ct::DigitallySigned::SIG_ALGO_RSA:
26 return SEC_OID_PKCS1_RSA_ENCRYPTION;
27 case ct::DigitallySigned::SIG_ALGO_DSA:
28 return SEC_OID_ANSIX9_DSA_SIGNATURE;
29 case ct::DigitallySigned::SIG_ALGO_ECDSA:
30 return SEC_OID_ANSIX962_EC_PUBLIC_KEY;
31 case ct::DigitallySigned::SIG_ALGO_ANONYMOUS:
32 default:
33 NOTREACHED();
34 return SEC_OID_UNKNOWN;
38 SECOidTag GetNSSHashAlg(ct::DigitallySigned::HashAlgorithm alg) {
39 switch (alg) {
40 case ct::DigitallySigned::HASH_ALGO_MD5:
41 return SEC_OID_MD5;
42 case ct::DigitallySigned::HASH_ALGO_SHA1:
43 return SEC_OID_SHA1;
44 case ct::DigitallySigned::HASH_ALGO_SHA224:
45 return SEC_OID_SHA224;
46 case ct::DigitallySigned::HASH_ALGO_SHA256:
47 return SEC_OID_SHA256;
48 case ct::DigitallySigned::HASH_ALGO_SHA384:
49 return SEC_OID_SHA384;
50 case ct::DigitallySigned::HASH_ALGO_SHA512:
51 return SEC_OID_SHA512;
52 case ct::DigitallySigned::HASH_ALGO_NONE:
53 default:
54 NOTREACHED();
55 return SEC_OID_UNKNOWN;
59 } // namespace
61 CTLogVerifier::~CTLogVerifier() {
62 if (public_key_)
63 SECKEY_DestroyPublicKey(public_key_);
66 bool CTLogVerifier::Init(const base::StringPiece& public_key) {
67 SECItem key_data;
69 crypto::EnsureNSSInit();
71 key_data.data = reinterpret_cast<unsigned char*>(
72 const_cast<char*>(public_key.data()));
73 key_data.len = public_key.size();
75 CERTSubjectPublicKeyInfo* public_key_info =
76 SECKEY_DecodeDERSubjectPublicKeyInfo(&key_data);
77 if (!public_key_info) {
78 DVLOG(1) << "Failed decoding public key.";
79 return false;
82 public_key_ = SECKEY_ExtractPublicKey(public_key_info);
83 SECKEY_DestroySubjectPublicKeyInfo(public_key_info);
85 if (!public_key_) {
86 DVLOG(1) << "Failed extracting public key.";
87 return false;
90 key_id_ = crypto::SHA256HashString(public_key);
92 // Right now, only RSASSA-PKCS1v15 with SHA-256 and ECDSA with SHA-256 are
93 // supported.
94 switch (SECKEY_GetPublicKeyType(public_key_)) {
95 case rsaKey:
96 hash_algorithm_ = ct::DigitallySigned::HASH_ALGO_SHA256;
97 signature_algorithm_ = ct::DigitallySigned::SIG_ALGO_RSA;
98 break;
99 case ecKey:
100 hash_algorithm_ = ct::DigitallySigned::HASH_ALGO_SHA256;
101 signature_algorithm_ = ct::DigitallySigned::SIG_ALGO_ECDSA;
102 break;
103 default:
104 DVLOG(1) << "Unsupported key type: "
105 << SECKEY_GetPublicKeyType(public_key_);
106 return false;
109 // Extra sanity check: Require RSA keys of at least 2048 bits.
110 if (signature_algorithm_ == ct::DigitallySigned::SIG_ALGO_RSA &&
111 SECKEY_PublicKeyStrengthInBits(public_key_) < 2048) {
112 DVLOG(1) << "Too small a public key.";
113 return false;
116 return true;
119 bool CTLogVerifier::VerifySignature(const base::StringPiece& data_to_sign,
120 const base::StringPiece& signature) {
121 SECItem sig_data;
122 sig_data.data = reinterpret_cast<unsigned char*>(const_cast<char*>(
123 signature.data()));
124 sig_data.len = signature.size();
126 SECStatus rv = VFY_VerifyDataDirect(
127 reinterpret_cast<const unsigned char*>(data_to_sign.data()),
128 data_to_sign.size(), public_key_, &sig_data,
129 GetNSSSigAlg(signature_algorithm_), GetNSSHashAlg(hash_algorithm_),
130 NULL, NULL);
131 DVLOG(1) << "Signature verification result: " << (rv == SECSuccess);
132 return rv == SECSuccess;
135 } // namespace net