1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
|
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
"use strict";
// How to run this file:
// 1. [obtain CNNIC-issued certificates to be whitelisted]
// 2. [obtain firefox source code]
// 3. [build/obtain firefox binaries]
// 4. run `[path to]/run-mozilla.sh [path to]/xpcshell makeCNNICHashes.js \
// [path to]/intermediatesFile
// [path to]/certlist'
// Where |intermediatesFile| is a file containing PEM encoded intermediate
// certificates that the certificates in |certlist| may be issued by.
// where certlist is a file containing a list of paths to certificates to
// be included in the whitelist
var Cc = Components.classes;
var Ci = Components.interfaces;
var Cu = Components.utils;
var gCertDB = Cc["@mozilla.org/security/x509certdb;1"]
.getService(Ci.nsIX509CertDB);
var { NetUtil } = Cu.import("resource://gre/modules/NetUtil.jsm", {});
var { Services } = Cu.import("resource://gre/modules/Services.jsm", {});
const HEADER = "// This Source Code Form is subject to the terms of the Mozilla Public\n" +
"// License, v. 2.0. If a copy of the MPL was not distributed with this\n" +
"// file, You can obtain one at http://mozilla.org/MPL/2.0/.\n" +
"//\n" +
"//***************************************************************************\n" +
"// This file was automatically generated by makeCNNICHashes.js. It shouldn't\n" +
"// need to be manually edited.\n" +
"//***************************************************************************\n" +
"\n";
const PREAMBLE = "#define CNNIC_WHITELIST_HASH_LEN 32\n\n" +
"struct WhitelistedCNNICHash {\n" +
" const uint8_t hash[CNNIC_WHITELIST_HASH_LEN];\n" +
"};\n\n" +
"static const struct WhitelistedCNNICHash WhitelistedCNNICHashes[] = {\n";
const POSTAMBLE = "};\n";
function writeString(fos, string) {
fos.write(string, string.length);
}
// fingerprint is in the form "00:11:22:..."
function hexSlice(fingerprint, start, end) {
let hexBytes = fingerprint.split(":");
let ret = "";
for (let i = start; i < end; i++) {
let hex = hexBytes[i];
ret += "0x" + hex;
if (i < end - 1) {
ret += ", ";
}
}
return ret;
}
// Write the C++ header file
function writeHashes(certs, lastValidTime, fos) {
writeString(fos, HEADER);
writeString(fos, `// This file may be removed after ${new Date(lastValidTime)}\n\n`);
writeString(fos, PREAMBLE);
certs.forEach(function(cert) {
writeString(fos, " {\n");
writeString(fos, " { " + hexSlice(cert.sha256Fingerprint, 0, 16) + ",\n");
writeString(fos, " " + hexSlice(cert.sha256Fingerprint, 16, 32) + " },\n");
writeString(fos, " },\n");
});
writeString(fos, POSTAMBLE);
}
function readFileContents(file) {
let fstream = Cc["@mozilla.org/network/file-input-stream;1"]
.createInstance(Ci.nsIFileInputStream);
fstream.init(file, -1, 0, 0);
let data = NetUtil.readInputStreamToString(fstream, fstream.available());
fstream.close();
return data;
}
function relativePathToFile(path) {
let currentDirectory = Cc["@mozilla.org/file/directory_service;1"]
.getService(Ci.nsIProperties)
.get("CurWorkD", Ci.nsILocalFile);
let file = Cc["@mozilla.org/file/local;1"].createInstance(Ci.nsILocalFile);
file.initWithPath(currentDirectory.path + "/" + path);
return file;
}
function pathToFile(path) {
let file = relativePathToFile(path);
if (!file.exists()) {
// Fall back to trying absolute path
file = Cc["@mozilla.org/file/local;1"].createInstance(Ci.nsILocalFile);
file.initWithPath(path);
}
return file;
}
// punt on dealing with leap-years
const sixYearsInMilliseconds = 6 * 366 * 24 * 60 * 60 * 1000;
function loadCertificates(certFile, currentWhitelist) {
let nowInMilliseconds = (new Date()).getTime();
// months are 0-indexed, so April is month 3 :(
let april1InMilliseconds = (new Date(2015, 3, 1)).getTime();
let latestNotAfter = nowInMilliseconds;
let certs = [];
let certMap = {};
let invalidCerts = [];
let paths = readFileContents(certFile).split("\n");
for (let path of paths) {
if (!path) {
continue;
}
let certData = readFileContents(pathToFile(path));
let cert = null;
try {
cert = gCertDB.constructX509FromBase64(certData);
} catch (e) {}
if (!cert) {
cert = gCertDB.constructX509(certData, certData.length);
}
// Don't add multiple copies of any particular certificate.
if (cert.sha256Fingerprint in certMap) {
continue;
}
certMap[cert.sha256Fingerprint] = true;
// If we can't verify the certificate, don't include it. Unfortunately, if
// a CNNIC-issued certificate wasn't previously on the whitelist but it
// otherwise verifies successfully, verifyCertNow will return
// SEC_ERROR_REVOKED_CERTIFICATE, so we count that as verifying
// successfully. If the certificate is later revoked by CNNIC, the user
// will see that when they attempt to connect to a site using it and we do
// normal revocation checking.
let errorCode = gCertDB.verifyCertNow(cert, 2 /* SSL Server */,
Ci.nsIX509CertDB.LOCAL_ONLY, null,
{}, {});
if (errorCode != 0 &&
errorCode != -8180 /* SEC_ERROR_REVOKED_CERTIFICATE */) {
continue;
}
let durationMilliseconds = (cert.validity.notAfter - cert.validity.notBefore) / 1000;
let notBeforeMilliseconds = cert.validity.notBefore / 1000;
let notAfterMilliseconds = cert.validity.notAfter / 1000;
// Only consider certificates that were issued before 1 April 2015, haven't
// expired, and have a validity period shorter than 6 years (there is a
// delegated OCSP responder certificate with a validity period of 6 years
// that should be on the whitelist).
// Also only consider certificates that were already on the whitelist.
if (notBeforeMilliseconds < april1InMilliseconds &&
notAfterMilliseconds > nowInMilliseconds &&
durationMilliseconds < sixYearsInMilliseconds &&
currentWhitelist[cert.sha256Fingerprint]) {
certs.push(cert);
if (notAfterMilliseconds > latestNotAfter) {
latestNotAfter = notAfterMilliseconds;
}
}
if (durationMilliseconds >= sixYearsInMilliseconds) {
invalidCerts.push(cert);
}
}
return { certs: certs,
lastValidTime: latestNotAfter,
invalidCerts: invalidCerts };
}
// Expects something like "00:11:22:...", returns a string of bytes.
function hexToBinaryString(hexString) {
let hexBytes = hexString.split(":");
let result = "";
for (let hexByte of hexBytes) {
result += String.fromCharCode(parseInt(hexByte, 16));
}
return result;
}
function compareCertificatesByHash(certA, certB) {
let aBin = hexToBinaryString(certA.sha256Fingerprint);
let bBin = hexToBinaryString(certB.sha256Fingerprint);
if (aBin < bBin) {
return -1;
}
if (aBin > bBin) {
return 1;
}
return 0;
}
function certToPEM(cert) {
let der = cert.getRawDER({});
let derString = '';
for (let i = 0; i < der.length; i++) {
derString += String.fromCharCode(der[i]);
}
let base64Lines = btoa(derString).replace(/(.{64})/g, "$1\n");
let output = "-----BEGIN CERTIFICATE-----\n";
for (let line of base64Lines.split("\n")) {
if (line.length > 0) {
output += line + "\n";
}
}
output += "-----END CERTIFICATE-----";
return output;
}
function loadIntermediates(intermediatesFile) {
let pem = readFileContents(intermediatesFile);
let intermediates = [];
let currentPEM = "";
for (let line of pem.split("\r\n")) {
if (line == "-----END CERTIFICATE-----") {
if (currentPEM) {
intermediates.push(gCertDB.constructX509FromBase64(currentPEM));
}
currentPEM = "";
continue;
}
if (line != "-----BEGIN CERTIFICATE-----") {
currentPEM += line;
}
}
return intermediates;
}
function readCurrentWhitelist(currentWhitelistFile) {
let contents = readFileContents(currentWhitelistFile).replace(/[\r\n ]/g, "");
let split = contents.split(/((?:0x[0-9A-F][0-9A-F],){31}0x[0-9A-F][0-9A-F])/);
// The hashes will be every odd-indexed element of the array.
let currentWhitelist = {};
for (let i = 1; i < split.length && i < split.length - 1; i += 2) {
let hash = split[i].replace(/0x/g, "").replace(/,/g, ":");
currentWhitelist[hash] = true;
}
return currentWhitelist;
}
///////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////
if (arguments.length != 3) {
throw new Error("Usage: makeCNNICHashes.js <PEM intermediates file> " +
"<path to list of certificates> <path to current whitelist file>");
}
Services.prefs.setIntPref("security.OCSP.enabled", 0);
var intermediatesFile = pathToFile(arguments[0]);
var intermediates = loadIntermediates(intermediatesFile);
var certFile = pathToFile(arguments[1]);
var currentWhitelistFile = pathToFile(arguments[2]);
var currentWhitelist = readCurrentWhitelist(currentWhitelistFile);
var { certs, lastValidTime, invalidCerts } = loadCertificates(certFile, currentWhitelist);
dump("The following certificates were not included due to overlong validity periods:\n");
for (let cert of invalidCerts) {
dump(certToPEM(cert) + "\n");
}
// Sort the key hashes to allow for binary search.
certs.sort(compareCertificatesByHash);
// Write the output file.
var outFile = relativePathToFile("CNNICHashWhitelist.inc");
if (!outFile.exists()) {
outFile.create(Ci.nsIFile.NORMAL_FILE_TYPE, 0o644);
}
var outStream = Cc["@mozilla.org/network/file-output-stream;1"]
.createInstance(Ci.nsIFileOutputStream);
outStream.init(outFile, -1, 0, 0);
writeHashes(certs, lastValidTime, outStream);
outStream.close();
|