Current view: top level - security/certverifier - CTLogVerifier.h (source / functions) Hit Total Coverage
Test: output.info Lines: 1 5 20.0 %
Date: 2017-07-14 16:53:18 Functions: 2 6 33.3 %

          Line data    Source code
       1             : /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
       2             : /* vim: set ts=8 sts=2 et sw=2 tw=80: */
       3             : /* This Source Code Form is subject to the terms of the Mozilla Public
       4             :  * License, v. 2.0. If a copy of the MPL was not distributed with this
       5             :  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
       6             : 
       7             : #ifndef CTLogVerifier_h
       8             : #define CTLogVerifier_h
       9             : 
      10             : #include "CTLog.h"
      11             : #include "pkix/Input.h"
      12             : #include "pkix/pkix.h"
      13             : #include "pkix/Result.h"
      14             : #include "ScopedNSSTypes.h"
      15             : #include "SignedCertificateTimestamp.h"
      16             : #include "SignedTreeHead.h"
      17             : 
      18             : namespace mozilla { namespace ct {
      19             : 
      20             : // Verifies Signed Certificate Timestamps (SCTs) provided by a specific log
      21             : // using the public key of that log. Assumes the SCT being verified
      22             : // matches the log by log key ID and signature parameters (an error is returned
      23             : // otherwise).
      24             : // The verification functions return Success if the provided SCT has passed
      25             : // verification, ERROR_BAD_SIGNATURE if failed verification, or other result
      26             : // on error.
// State kept per log: the public key material, the key ID, the signature
// algorithm, the operator ID and the disqualification flag and time.
// NOTE(review): no pkix::Result-returning member below carries a must-use
// annotation in this header. Unless pkix::Result itself is declared that way
// (not visible here), a dropped return value would go unnoticed, so every
// caller has to compare the result against Success explicitly.
class CTLogVerifier
{
public:
  // Only declared here; the definition is outside this header.
  CTLogVerifier();

  // Initializes the verifier with log-specific information. Only the public
  // key is used for verification, other parameters are purely informational.
  // |subjectPublicKeyInfo| is a DER-encoded SubjectPublicKeyInfo.
  // |operatorId| The numeric ID of the log operator as assigned at
  // https://www.certificate-transparency.org/known-logs .
  // |logStatus| Either "Included" or "Disqualified".
  // |disqualificationTime| Disqualification timestamp (for disqualified logs).
  // The unit of the timestamp is not stated in this header.
  // An error is returned if |subjectPublicKeyInfo| refers to an unsupported
  // public key.
  // NOTE(review): whether the verification functions reject a verifier whose
  // Init() was never called or has failed cannot be told from here; confirm
  // in the implementation.
  pkix::Result Init(pkix::Input subjectPublicKeyInfo,
                    CTLogOperatorId operatorId,
                    CTLogStatus logStatus,
                    uint64_t disqualificationTime);

  // Returns the log's key ID, which is a SHA256 hash of its public key.
  // See RFC 6962, Section 3.2.
  // The result is a reference to the mKeyId member, so it must not be used
  // after this verifier has been destroyed.
  const Buffer& keyId() const { return mKeyId; }

  // Accessors for the informational log data; each returns the matching
  // member unchanged (presumably the values passed to Init(); confirm).
  // NOTE(review): Verify() takes no time argument, so this header gives no
  // sign that it enforces disqualification itself. Presumably the caller
  // compares the SCT timestamp with disqualificationTime(); confirm against
  // the implementation and the call sites.
  CTLogOperatorId operatorId() const { return mOperatorId; }
  bool isDisqualified() const { return mDisqualified; }
  uint64_t disqualificationTime() const { return mDisqualificationTime; }

  // Verifies that |sct| contains a valid signature for |entry|.
  // |sct| must be signed by the verifier's log.
  // Returns a pkix::Result that the caller must check.
  pkix::Result Verify(const LogEntry& entry,
                      const SignedCertificateTimestamp& sct);

  // Verifies the signature in |sth|.
  // |sth| must be signed by the verifier's log.
  // Returns a pkix::Result that the caller must check.
  pkix::Result VerifySignedTreeHead(const SignedTreeHead& sth);

  // Returns true if the signature and hash algorithms in |signature|
  // match those of the log.
  // NOTE(review): declared non-const although the description reads as a
  // pure query; confirm that it does not modify the verifier.
  bool SignatureParametersMatch(const DigitallySigned& signature);

private:
  // Performs the underlying verification using the log's public key. Note
  // that |signature| contains the raw signature data (i.e. without any
  // DigitallySigned struct encoding).
  // Returns Success if passed verification, ERROR_BAD_SIGNATURE if failed
  // verification, or other result on error.
  // Two overloads: one takes pkix::Input views, the other Buffer objects
  // (presumably a convenience wrapper around the first; confirm).
  pkix::Result VerifySignature(pkix::Input data, pkix::Input signature);
  pkix::Result VerifySignature(const Buffer& data, const Buffer& signature);

  // mPublicECKey works around an architectural deficiency in NSS. In the case
  // of EC, if we don't create, import, and cache this key, NSS will import and
  // verify it every signature verification, which is slow. For RSA, this is
  // unused and will be null.
  UniqueSECKEYPublicKey mPublicECKey;
  // Presumably the log's DER-encoded SubjectPublicKeyInfo as given to Init()
  // (confirm).
  Buffer mSubjectPublicKeyInfo;
  // Value returned by keyId().
  Buffer mKeyId;
  // Presumably the algorithm SignatureParametersMatch() compares against
  // (confirm).
  DigitallySigned::SignatureAlgorithm mSignatureAlgorithm;
  // NOTE(review): none of the members has an in-class initializer, so the
  // scalar members below are indeterminate unless the out-of-line constructor
  // sets them; confirm.
  CTLogOperatorId mOperatorId;
  bool mDisqualified;
  uint64_t mDisqualificationTime;
};
      88             : 
      89             : } } // namespace mozilla::ct
      90             : 
      91             : #endif // CTLogVerifier_h
