// Copyright 2019 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "cast/sender/channel/cast_auth_util.h" #include <openssl/rand.h> #include <algorithm> #include <memory> #include "cast/common/certificate/cast_cert_validator.h" #include "cast/common/certificate/cast_crl.h" #include "cast/common/certificate/date_time.h" #include "cast/common/channel/proto/cast_channel.pb.h" #include "cast/common/public/parsed_certificate.h" #include "cast/common/public/trust_store.h" #include "platform/api/time.h" #include "platform/base/error.h" #include "util/osp_logging.h" #include "util/span_util.h" #include "util/string_util.h" namespace openscreen::cast { AuthResponse; CastMessage; DeviceAuthMessage; HashAlgorithm; namespace { #define PARSE_ERROR_PREFIX … // The maximum number of days a cert can live for. constexpr int kMaxSelfSignedCertLifetimeInDays = …; // The size of the nonce challenge in bytes. constexpr int kNonceSizeInBytes = …; // The number of hours after which a nonce is regenerated. constexpr int kNonceExpirationTimeInHours = …; // Extracts an embedded DeviceAuthMessage payload from an auth challenge reply // message. Error ParseAuthMessage(const CastMessage& challenge_reply, DeviceAuthMessage* auth_message) { … } class CastNonce { … }; // Maps an error from certificate verification to an error reported to the // library client. If crl_required is set to false, all revocation related // errors are ignored. // // TODO(issuetracker.google.com/193164666): It would be simpler // to just pass the underlying verification error directly to the client. Error MapToOpenscreenError(const Error& verify_error, bool crl_required) { … } Error VerifyAndMapDigestAlgorithm(HashAlgorithm response_digest_algorithm, DigestAlgorithm* digest_algorithm, bool enforce_sha256_checking) { … } } // namespace // static AuthContext AuthContext::Create() { … } // static AuthContext AuthContext::CreateForTest(const std::string& nonce_data) { … } AuthContext::AuthContext(const std::string& nonce) : … { … } AuthContext::~AuthContext() { … } Error AuthContext::VerifySenderNonce(const std::string& nonce_response, bool enforce_nonce_checking) const { … } Error VerifyTLSCertificateValidity(const ParsedCertificate& peer_cert, std::chrono::seconds verification_time) { … } ErrorOr<CastDeviceCertPolicy> VerifyCredentialsImpl( const AuthResponse& response, const std::vector<uint8_t>& signature_input, const CRLPolicy& crl_policy, TrustStore* cast_trust_store, TrustStore* crl_trust_store, const DateTime& verification_time, bool enforce_sha256_checking); ErrorOr<CastDeviceCertPolicy> AuthenticateChallengeReplyImpl( const CastMessage& challenge_reply, const ParsedCertificate& peer_cert, const AuthContext& auth_context, const CRLPolicy& crl_policy, TrustStore* cast_trust_store, TrustStore* crl_trust_store, const DateTime& verification_time) { … } ErrorOr<CastDeviceCertPolicy> AuthenticateChallengeReply( const CastMessage& challenge_reply, const ParsedCertificate& peer_cert, const AuthContext& auth_context, TrustStore* cast_trust_store, TrustStore* crl_trust_store) { … } ErrorOr<CastDeviceCertPolicy> AuthenticateChallengeReplyForTest( const CastMessage& challenge_reply, const ParsedCertificate& peer_cert, const AuthContext& auth_context, CRLPolicy crl_policy, TrustStore* cast_trust_store, TrustStore* crl_trust_store, const DateTime& verification_time) { … } // This function does the following // // * Verifies that the certificate chain |response.client_auth_certificate| + // |response.intermediate_certificate| is valid and chains to a trusted Cast // root. The list of trusted Cast roots can be overrided by providing a // non-nullptr |cast_trust_store|. The certificate is verified at // |verification_time|. // // * Verifies that none of the certificates in the chain are revoked based on // the CRL provided in the response |response.crl|. The CRL is verified to be // valid and its issuer certificate chains to a trusted Cast CRL root. The // list of trusted Cast CRL roots can be overrided by providing a non-nullptr // |crl_trust_store|. If |crl_policy| is kCrlOptional then the result of // revocation checking is ignored. The CRL is verified at |verification_time|. // // * Verifies that |response.signature| matches the signature of // |signature_input| by |response.client_auth_certificate|'s public key. ErrorOr<CastDeviceCertPolicy> VerifyCredentialsImpl( const AuthResponse& response, const std::vector<uint8_t>& signature_input, const CRLPolicy& crl_policy, TrustStore* cast_trust_store, TrustStore* crl_trust_store, const DateTime& verification_time, bool enforce_sha256_checking) { … } ErrorOr<CastDeviceCertPolicy> VerifyCredentials( const AuthResponse& response, const std::vector<uint8_t>& signature_input, TrustStore* cast_trust_store, TrustStore* crl_trust_store, bool enforce_revocation_checking, bool enforce_sha256_checking) { … } ErrorOr<CastDeviceCertPolicy> VerifyCredentialsForTest( const AuthResponse& response, const std::vector<uint8_t>& signature_input, CRLPolicy crl_policy, TrustStore* cast_trust_store, TrustStore* crl_trust_store, const DateTime& verification_time, bool enforce_sha256_checking) { … } } // namespace openscreen::cast
Codebase Browser
chromium