1//
2// Copyright (C) 2011 The Android Open Source Project
3//
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at
7//
8//      http://www.apache.org/licenses/LICENSE-2.0
9//
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15//
16
17#ifndef UPDATE_ENGINE_CERTIFICATE_CHECKER_H_
18#define UPDATE_ENGINE_CERTIFICATE_CHECKER_H_
19
20#include <curl/curl.h>
21#include <openssl/ssl.h>
22
23#include <string>
24
25#include <base/macros.h>
26#include <gtest/gtest_prod.h>  // for FRIEND_TEST
27
28namespace chromeos_update_engine {
29
30class PrefsInterface;
31
32// Wrapper for openssl operations with the certificates.
33class OpenSSLWrapper {
34 public:
35  OpenSSLWrapper() = default;
36  virtual ~OpenSSLWrapper() = default;
37
38  // Takes an openssl X509_STORE_CTX, extracts the corresponding certificate
39  // from it and calculates its fingerprint (SHA256 digest). Returns true on
40  // success and false otherwise.
41  //
42  // |x509_ctx| is the pointer to the openssl object that holds the certificate.
43  // |out_depth| is the depth of the current certificate, in the certificate
44  // chain.
45  // |out_digest_length| is the length of the generated digest.
46  // |out_digest| is the byte array where the digest itself will be written.
47  // It should be big enough to hold a SHA1 digest (e.g. EVP_MAX_MD_SIZE).
48  virtual bool GetCertificateDigest(X509_STORE_CTX* x509_ctx,
49                                    int* out_depth,
50                                    unsigned int* out_digest_length,
51                                    uint8_t* out_digest) const;
52
53 private:
54  DISALLOW_COPY_AND_ASSIGN(OpenSSLWrapper);
55};
56
57// The values in this enum are replicated in the metrics server. See metrics.h
58// for instructions on how to update these values in the server side.
59enum class CertificateCheckResult {
60  // The certificate is valid and the same as seen before or the first time we
61  // see a certificate.
62  kValid,
63  // The certificate is valid, but is different than a previously seen
64  // certificate for the selected server.
65  kValidChanged,
66  // The certificate validation failed.
67  kFailed,
68
69  // This value must be the last entry.
70  kNumConstants
71};
72
73// These values are used to generate the keys of files persisted via prefs.
74// This means that changing these will cause loss of information on metrics
75// reporting, during the transition. These values are also mapped to a metric
76// name in metrics.cc, so adding values here requires to assign a new metric
77// name in that file.
78enum class ServerToCheck {
79  kUpdate = 0,
80  kDownload,
81
82  // Ignore this server.
83  kNone,
84};
85
86// Responsible for checking whether update server certificates change, and
87// reporting to UMA when this happens. Since all state information is persisted,
88// and openssl forces us to use a static callback with no data pointer, this
89// class is entirely static.
90class CertificateChecker {
91 public:
92  class Observer {
93   public:
94    virtual ~Observer() = default;
95
96    // Called whenever a certificate is checked for the server |server_to_check|
97    // passing the result of said certificate check.
98    virtual void CertificateChecked(ServerToCheck server_to_check,
99                                    CertificateCheckResult result) = 0;
100  };
101
102  CertificateChecker(PrefsInterface* prefs, OpenSSLWrapper* openssl_wrapper);
103  ~CertificateChecker();
104
105  // This callback is called by libcurl just before the initialization of an
106  // SSL connection after having processed all other SSL related options. Used
107  // to check if server certificates change. |cert_checker| is expected to be a
108  // pointer to the CertificateChecker instance.
109  static CURLcode ProcessSSLContext(CURL* curl_handle,
110                                    SSL_CTX* ssl_ctx,
111                                    void* cert_checker);
112
113  // Initialize this class as the singleton instance. Only one instance can be
114  // initialized at a time and it should be initialized before other methods
115  // can be used.
116  void Init();
117
118  // Set the certificate observer to the passed instance. To remove the
119  // observer, pass a nullptr. The |observer| instance must be valid while this
120  // CertificateChecker verifies certificates.
121  void SetObserver(Observer* observer) { observer_ = observer; }
122
123 private:
124  FRIEND_TEST(CertificateCheckerTest, NewCertificate);
125  FRIEND_TEST(CertificateCheckerTest, SameCertificate);
126  FRIEND_TEST(CertificateCheckerTest, ChangedCertificate);
127  FRIEND_TEST(CertificateCheckerTest, FailedCertificate);
128
129  // These callbacks are asynchronously called by openssl after initial SSL
130  // verification. They are used to perform any additional security verification
131  // on the connection, but we use them here to get hold of the server
132  // certificate, in order to determine if it has changed since the last
133  // connection. Since openssl forces us to do this statically, we define two
134  // different callbacks for the two different official update servers, and only
135  // assign the correspondent one. The assigned callback is then called once per
136  // each certificate on the server and returns 1 for success and 0 for failure.
137  static int VerifySSLCallbackDownload(int preverify_ok,
138                                       X509_STORE_CTX* x509_ctx);
139  static int VerifySSLCallbackUpdate(int preverify_ok,
140                                     X509_STORE_CTX* x509_ctx);
141  static int VerifySSLCallback(int preverify_ok,
142                               X509_STORE_CTX* x509_ctx,
143                               ServerToCheck server_to_check);
144
145  // Checks if server certificate stored in |x509_ctx| has changed since last
146  // connection to that same server, specified by |server_to_check|.
147  // This is called by the callbacks defined above. The result of the
148  // certificate check is passed to the observer, if any. Returns true on
149  // success and false otherwise.
150  bool CheckCertificateChange(int preverify_ok,
151                              X509_STORE_CTX* x509_ctx,
152                              ServerToCheck server_to_check);
153
154  // Notifies the observer, if any, of a certificate checking.
155  void NotifyCertificateChecked(ServerToCheck server_to_check,
156                                CertificateCheckResult result);
157
158  // The CertificateChecker singleton instance.
159  static CertificateChecker* cert_checker_singleton_;
160
161  // Prefs instance used to store the certificates seen in the past.
162  PrefsInterface* prefs_;
163
164  // The wrapper for openssl operations.
165  OpenSSLWrapper* openssl_wrapper_;
166
167  // The observer called whenever a certificate is checked, if not null.
168  Observer* observer_{nullptr};
169
170  DISALLOW_COPY_AND_ASSIGN(CertificateChecker);
171};
172
173}  // namespace chromeos_update_engine
174
175#endif  // UPDATE_ENGINE_CERTIFICATE_CHECKER_H_
176