1// Copyright 2013 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef NET_CERT_CT_LOG_VERIFIER_H_
6#define NET_CERT_CT_LOG_VERIFIER_H_
7
8#include <string>
9
10#include "base/gtest_prod_util.h"
11#include "base/memory/ref_counted.h"
12#include "base/strings/string_piece.h"
13#include "net/base/net_export.h"
14#include "net/cert/signed_certificate_timestamp.h"
15#include "third_party/boringssl/src/include/openssl/base.h"
16
17namespace net {
18
namespace ct {
// Forward declarations only: these RFC 6962 structures are passed by const
// reference below, so the full definitions are not needed in this header.
struct MerkleAuditProof;
struct MerkleConsistencyProof;
struct SignedTreeHead;
}  // namespace ct
24
25// Class for verifying signatures of a single Certificate Transparency
26// log, whose identity is provided during construction.
27// Currently can verify Signed Certificate Timestamp (SCT) and Signed
28// Tree Head (STH) signatures.
29// Immutable: Does not hold any state beyond the log information it was
30// initialized with.
class NET_EXPORT CTLogVerifier
    : public base::RefCountedThreadSafe<CTLogVerifier> {
 public:
  // Creates a new CTLogVerifier that will verify SignedCertificateTimestamps
  // using |public_key|, which is a DER-encoded SubjectPublicKeyInfo.
  // If |public_key| refers to an unsupported public key, returns NULL, so
  // callers must check the result before use; a verifier for a key that
  // could not be loaded is never handed out.
  // |description| is a textual description of the log.
  // |dns_domain| is the DNS name of the log's DNS API endpoint, if one exists.
  static scoped_refptr<const CTLogVerifier> Create(
      const base::StringPiece& public_key,
      std::string description,
      std::string dns_domain);

  // Returns the log's key ID (RFC 6962, Section 3.2, which defines it as the
  // hash of the log's DER-encoded SubjectPublicKeyInfo). Populated when the
  // verifier is created; this is the value SCTs carry to identify the log.
  const std::string& key_id() const { return key_id_; }
  // Returns the log's human-readable description.
  const std::string& description() const { return description_; }

  // Returns the log's DNS domain for CT over DNS queries, as described in
  // https://github.com/google/certificate-transparency-rfcs/blob/master/dns/draft-ct-over-dns.md.
  const std::string& dns_domain() const { return dns_domain_; }

  // Verifies that |sct| is valid for |entry| and was signed by this log.
  // Returns true only if the signature check succeeds.
  bool Verify(const ct::SignedEntryData& entry,
              const ct::SignedCertificateTimestamp& sct) const;

  // Verifies that |signed_tree_head| is a valid Signed Tree Head (RFC 6962,
  // Section 3.5) for this log, i.e. that its signature was produced by this
  // log's public key.
  bool VerifySignedTreeHead(const ct::SignedTreeHead& signed_tree_head) const;

  // Verifies that |proof| is a valid consistency proof (RFC 6962, Section
  // 2.1.2) for this log, and which proves that |old_tree_hash| has
  // been fully incorporated into the Merkle tree represented by
  // |new_tree_hash|.
  // Only the proof arithmetic against the two supplied hashes is checked;
  // this method has no way to tell where the hashes came from, so callers
  // should take them from STHs that have already passed
  // VerifySignedTreeHead().
  bool VerifyConsistencyProof(const ct::MerkleConsistencyProof& proof,
                              const std::string& old_tree_hash,
                              const std::string& new_tree_hash) const;

  // Verifies that |proof| is a valid audit proof (RFC 6962, Section 2.1.1) for
  // this log, and which proves that the certificate represented by |leaf_hash|
  // has been incorporated into the Merkle tree represented by |root_hash|.
  // Returns true if verification succeeds, false otherwise.
  // As with VerifyConsistencyProof(), |root_hash| is trusted as given; it
  // should come from a signature-verified STH.
  bool VerifyAuditProof(const ct::MerkleAuditProof& proof,
                        const std::string& root_hash,
                        const std::string& leaf_hash) const;

 private:
  // Lets the unit test exercise the private VerifySignature() directly.
  FRIEND_TEST_ALL_PREFIXES(CTLogVerifierTest, VerifySignature);
  // The destructor is private; only the ref-count may delete this object.
  friend class base::RefCountedThreadSafe<CTLogVerifier>;

  // Construction goes through Create() so that key loading (Init()) can fail
  // without ever exposing a half-initialized verifier.
  CTLogVerifier(std::string description, std::string dns_domain);
  ~CTLogVerifier();

  // Performs crypto-library specific initialization: parses |public_key| and
  // fills in the key-derived members below. Returns false if the key is
  // unsupported.
  bool Init(const base::StringPiece& public_key);

  // Performs the underlying verification using the selected public key. Note
  // that |signature| contains the raw signature data (eg: without any
  // DigitallySigned struct encoding).
  bool VerifySignature(const base::StringPiece& data_to_sign,
                       const base::StringPiece& signature) const;

  // Returns true if the signature and hash algorithms in |signature|
  // match those of the log (|hash_algorithm_| / |signature_algorithm_|).
  // Checking this before verifying means a signature is only ever evaluated
  // under the algorithms the log was configured with, never ones named by
  // the SCT or STH itself.
  bool SignatureParametersMatch(const ct::DigitallySigned& signature) const;

  std::string key_id_;
  std::string description_;
  std::string dns_domain_;
  // Algorithms implied by the log's public key; fixed at creation.
  ct::DigitallySigned::HashAlgorithm hash_algorithm_;
  ct::DigitallySigned::SignatureAlgorithm signature_algorithm_;

  // Raw BoringSSL key handle (openssl/base.h above provides the forward
  // declaration). NOTE(review): presumably set by Init() and released in
  // ~CTLogVerifier() — confirm against the .cc.
  EVP_PKEY* public_key_;
};
105
106} // namespace net
107
108#endif // NET_CERT_CT_LOG_VERIFIER_H_
109