Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Distrust certs issued after 00:00:00 Oct. 21, 2016 by StartCom and WoSign #9469

Closed
wants to merge 2 commits into from

Conversation

shigeki
Copy link
Contributor

@shigeki shigeki commented Nov 4, 2016

Checklist
  • make -j8 test (UNIX), or vcbuild test nosign (Windows) passes
  • tests and/or benchmarks are included
  • documentation is changed or added
  • commit message follows commit guidelines
Affected core subsystem(s)

crypto, tls and test.

Description of change

Per discussion of #9434, this PR checks the certs issued by StartCom and WoSign and if notBefore is after 00:00:00 Oct. 21 2016, the tls client connection is failed with CERT_REVOKED error.

This also includes CNNIC whitelist update since #1895 that expired certs were removed and a minor bug fix of test/parallel/test-tls-cnnic-whitelist.js which came from 2bc7841.

R: @bnoordhuis

@shigeki shigeki added tls Issues and PRs related to the tls subsystem. crypto Issues and PRs related to the crypto subsystem. test Issues and PRs related to the tests. labels Nov 4, 2016
@nodejs-github-bot nodejs-github-bot added the c++ Issues and PRs that require attention from people who are familiar with C++. label Nov 4, 2016
@shigeki
Copy link
Contributor Author

shigeki commented Nov 4, 2016

Copy link
Member

@bnoordhuis bnoordhuis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Mostly LGTM. There is a typo in the second commit log: s/udpate/update/

const unsigned char* startcom_wosign_data;
X509_NAME* startcom_wosign_name;

for (size_t i = 0; i < arraysize(StartComAndWoSignDNs); i++) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You could write this as for (auto it : StartComAndWoSignDNs) {

Copy link
Contributor

@seishun seishun Nov 4, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

for (auto& startcom_wosign : StartComAndWoSignDNs) { to avoid a needless copy.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done. I used const auto& since it is just a reference.

openssl genrsa -out fake-startcom-root-key.pem 2048

fake-startcom-root-cert.pem: fake-startcom-root.cnf fake-startcom-root-key.pem
openssl req -new -x509 -days 9999 -config fake-startcom-root.cnf -key fake-startcom-root-key.pem -out fake-startcom-root-cert.pem
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you wrap this at 80 columns?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done. I missed Makefile is out of lint checks.

0x31, 0x2C, 0x30, 0x2A, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x23, 0x53, 0x74,
0x61, 0x72, 0x74, 0x43, 0x6F, 0x6D, 0x20, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66,
0x69, 0x63, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6F,
0x72, 0x69, 0x74, 0x79, 0x20, 0x47, 0x32,
Copy link
Contributor

@not-an-aardvark not-an-aardvark Nov 4, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just as a precaution: How did you create these arrays? We might want to double-check that they are accurate. (I'm hoping to avoid an issue like this.)

Copy link
Contributor Author

@shigeki shigeki Nov 7, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The data is ASN.1 encoded with Name type. Here is a list of subject names included in StartComAndWoSignData.inc and they all matches the names listed in https://bugzilla.mozilla.org/show_bug.cgi?id=1309707#c16 and certdata.txt in Node.

$ cat printStartComWoSign.cc
#include <cstdint>
#include <cstdio>
#include <x509.h>
#include <bio.h>
#include "StartComAndWoSignData.inc"

int main() {
  char buf[1024];
  const unsigned char* startcom_wosign_data;
  X509_NAME* startcom_wosign_name;
  BIO *bio = BIO_new_fp(stdout, BIO_NOCLOSE);
  for(const auto& it : StartComAndWoSignDNs) {
    startcom_wosign_data = it.data;
    startcom_wosign_name = d2i_X509_NAME(NULL, &startcom_wosign_data, it.len);
    X509_NAME_oneline(startcom_wosign_name, buf, sizeof buf);
    BIO_printf(bio, "%s\n", buf);
  }
}
$ ./printStartComWoSign
/C=CN/O=WoSign CA Limited/CN=CA \xE6\xB2\x83\xE9\x80\x9A\xE6\xA0\xB9\xE8\xAF\x81\xE4\xB9\xA6
/C=CN/O=WoSign CA Limited/CN=CA WoSign ECC Root
/C=CN/O=WoSign CA Limited/CN=Certification Authority of WoSign
/C=CN/O=WoSign CA Limited/CN=Certification Authority of WoSign G2
/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority
/C=IL/O=StartCom Ltd./CN=StartCom Certification Authority G2

@@ -2678,9 +2682,40 @@ inline X509* FindRoot(STACK_OF(X509)* sk) {
}


// Whitelist check for certs issued by CNNIC. See
inline bool CertIsStartComOrWoSign(X509_NAME* name) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm... would there possibly be a more generic way of doing this? Adding functions that are specific to StartCom and WoSign seems... troubling.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think it leads troubling because this function checks the cert subject name with a specific type of structure provided by Mozilla only for StartCom and WoSign distrusting.
This function (and this features) will be removed after deprecating their root cert when all issued certs are expired. So I don't think it need to be more generic.

@@ -0,0 +1,91 @@
'use strict';
var common = require('../common');
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

const?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done.

@shigeki shigeki force-pushed the WoSign_StartCom_check branch from e8ae182 to 20750b6 Compare November 7, 2016 01:11
@shigeki
Copy link
Contributor Author

shigeki commented Nov 7, 2016

Fixed this according to the comments except the one from @jasnell .

@indutny Sorry for missing you to mention. Please look at this if you have time.

Copy link
Member

@indutny indutny left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, if CI is green.

if (!CertIsStartComOrWoSign(root_name))
return true;

time_t october_21_2016 = static_cast<time_t>(1477008000);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could it be const?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's not. I'm not sure why.

int X509_cmp_time(const ASN1_TIME *s, time_t *t);

@shigeki
Copy link
Contributor Author

shigeki commented Nov 7, 2016

CI is again running on https://ci.nodejs.org/job/node-test-pull-request/4795/ .

const unsigned char* startcom_wosign_data;
X509_NAME* startcom_wosign_name;

for (const auto& it : StartComAndWoSignDNs) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor, but calling it it is confusing, as it's not an iterator.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@seishun Yes, I rename it to dn after 'distinguished name`. Thanks.

@ChALkeR ChALkeR added the security Issues and PRs related to security. label Nov 7, 2016
@ChALkeR
Copy link
Member

ChALkeR commented Dec 24, 2016

@bnoordhuis, does that look good to you now?

@shigeki
Copy link
Contributor Author

shigeki commented Dec 26, 2016

I've just resolved the conflict of test/parallel/test-tls-cnnic-whitelist.js and rebased against the latest master.

Firefox51 is to be stable on Jan 24th and Chrome56 is on Jan 31st, 2017. They will begin to have WoSing/StartCom checks in their stable release.

I think it is better to land this in the end of Jan, 2017 to align the browser release.

@shigeki
Copy link
Contributor Author

shigeki commented Jan 26, 2017

Chrome 56 is released today. It is ready to land this. The approval from @bnoordhuis is needed. How is it?

Copy link
Member

@bnoordhuis bnoordhuis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. s/certifiate/certificate/ in the first commit log and I'd say "Remove expired certificates from CNNIC whitelist." in the second one.

@shigeki shigeki force-pushed the WoSign_StartCom_check branch from e11d2ab to 4e5bc71 Compare January 26, 2017 16:29
@shigeki
Copy link
Contributor Author

shigeki commented Jan 26, 2017

@bnoordhuis Oh, typo. Thanks. Fixed.

I also added an announcement link from apple https://support.apple.com/en-us/HT204132 in the commit log. I will land this tomorrow after rebasing and running CI.

After that, it should be discussed if it should be backported to LTS.

@jasnell
Copy link
Member

jasnell commented Jan 27, 2017

I'm +1 on backporting this to 6 and 4. @nodejs/lts

@shigeki shigeki force-pushed the WoSign_StartCom_check branch from 4e5bc71 to 9363bd0 Compare January 31, 2017 11:06
imyller added a commit to imyller/meta-nodejs that referenced this pull request Mar 2, 2017
    Notable changes:

    * deps:
        * update V8 to 5.5 (Michaël Zasso) [#11029](nodejs/node#11029)
        * upgrade libuv to 1.11.0 (cjihrig) [#11094](nodejs/node#11094)
        * add node-inspect 1.10.4 (Jan Krems) [#10187](nodejs/node#10187)
        * upgrade zlib to 1.2.11 (Sam Roberts) [#10980](nodejs/node#10980)
    * lib: build `node inspect` into `node` (Anna Henningsen) [#10187](nodejs/node#10187)
    * crypto: Remove expired certs from CNNIC whitelist (Shigeki Ohtsu) [#9469](nodejs/node#9469)
    * inspector: add --inspect-brk (Josh Gavant) [#11149](nodejs/node#11149)
    * fs: allow WHATWG URL objects as paths (James M Snell) [#10739](nodejs/node#10739)
    * src: support UTF-8 in compiled-in JS source files (Ben Noordhuis) [#11129](nodejs/node#11129)
    * url: extend url.format to support WHATWG URL (James M Snell) [#10857](nodejs/node#10857)

    PR-URL: nodejs/node#11185

Signed-off-by: Ilkka Myller <ilkka.myller@nodefield.com>
jasnell pushed a commit that referenced this pull request Mar 7, 2017
CNNIC Whitelist was updated with removing expired certificates.

Fixes: #1895
PR-URL: #9469
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
jasnell pushed a commit that referenced this pull request Mar 7, 2017
When tls client connects to the server with certification issued by
either StartCom or WoSign listed in StartComAndWoSignData.inc, check
notBefore of the server certificate and CERT_REVOKED error returns if
it is after 00:00:00 on October 21, 2016.

See for details in
https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/,
https://security.googleblog.com/2016/10/distrusting-wosign-and-startcom.html
and
https://support.apple.com/en-us/HT204132

Fixes: #9434
PR-URL: #9469
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
jasnell pushed a commit that referenced this pull request Mar 7, 2017
CNNIC Whitelist was updated with removing expired certificates.

Fixes: #1895
PR-URL: #9469
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
jasnell pushed a commit that referenced this pull request Mar 7, 2017
When tls client connects to the server with certification issued by
either StartCom or WoSign listed in StartComAndWoSignData.inc, check
notBefore of the server certificate and CERT_REVOKED error returns if
it is after 00:00:00 on October 21, 2016.

See for details in
https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/,
https://security.googleblog.com/2016/10/distrusting-wosign-and-startcom.html
and
https://support.apple.com/en-us/HT204132

Fixes: #9434
PR-URL: #9469
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
MylesBorins pushed a commit that referenced this pull request Mar 9, 2017
CNNIC Whitelist was updated with removing expired certificates.

Fixes: #1895
PR-URL: #9469
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
MylesBorins pushed a commit that referenced this pull request Mar 9, 2017
When tls client connects to the server with certification issued by
either StartCom or WoSign listed in StartComAndWoSignData.inc, check
notBefore of the server certificate and CERT_REVOKED error returns if
it is after 00:00:00 on October 21, 2016.

See for details in
https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/,
https://security.googleblog.com/2016/10/distrusting-wosign-and-startcom.html
and
https://support.apple.com/en-us/HT204132

Fixes: #9434
PR-URL: #9469
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
@MylesBorins MylesBorins mentioned this pull request Mar 9, 2017
MylesBorins pushed a commit that referenced this pull request Mar 9, 2017
CNNIC Whitelist was updated with removing expired certificates.

Fixes: #1895
PR-URL: #9469
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
MylesBorins pushed a commit that referenced this pull request Mar 9, 2017
When tls client connects to the server with certification issued by
either StartCom or WoSign listed in StartComAndWoSignData.inc, check
notBefore of the server certificate and CERT_REVOKED error returns if
it is after 00:00:00 on October 21, 2016.

See for details in
https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/,
https://security.googleblog.com/2016/10/distrusting-wosign-and-startcom.html
and
https://support.apple.com/en-us/HT204132

Fixes: #9434
PR-URL: #9469
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
@MylesBorins MylesBorins mentioned this pull request Mar 9, 2017
shigeki pushed a commit that referenced this pull request Mar 28, 2017
The additional validity checks applied to StartCom and WoSign
certificates failed to free memory before returning.

Refs: #9469
Fixes: #12033
PR-URL: #12089
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
MylesBorins pushed a commit that referenced this pull request Mar 28, 2017
The additional validity checks applied to StartCom and WoSign
certificates failed to free memory before returning.

Refs: #9469
Fixes: #12033
PR-URL: #12089
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
MylesBorins pushed a commit that referenced this pull request Mar 29, 2017
The additional validity checks applied to StartCom and WoSign
certificates failed to free memory before returning.

Refs: #9469
Fixes: #12033
PR-URL: #12089
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
MylesBorins pushed a commit that referenced this pull request Mar 29, 2017
The additional validity checks applied to StartCom and WoSign
certificates failed to free memory before returning.

Refs: #9469
Fixes: #12033
PR-URL: #12089
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
MylesBorins pushed a commit that referenced this pull request Mar 29, 2017
The additional validity checks applied to StartCom and WoSign
certificates failed to free memory before returning.

Refs: #9469
Fixes: #12033
PR-URL: #12089
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
MylesBorins pushed a commit that referenced this pull request Mar 29, 2017
The additional validity checks applied to StartCom and WoSign
certificates failed to free memory before returning.

Refs: #9469
Fixes: #12033
PR-URL: #12089
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
MylesBorins pushed a commit that referenced this pull request Mar 29, 2017
The additional validity checks applied to StartCom and WoSign
certificates failed to free memory before returning.

Refs: #9469
Fixes: #12033
PR-URL: #12089
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
kevinsawicki pushed a commit to electron/node that referenced this pull request May 16, 2017
When tls client connects to the server with certification issued by
either StartCom or WoSign listed in StartComAndWoSignData.inc, check
notBefore of the server certificate and CERT_REVOKED error returns if
it is after 00:00:00 on October 21, 2016.

See for details in
https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/,
https://security.googleblog.com/2016/10/distrusting-wosign-and-startcom.html
and
https://support.apple.com/en-us/HT204132

Fixes: nodejs/node#9434
PR-URL: nodejs/node#9469
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
kevinsawicki pushed a commit to electron/node that referenced this pull request May 16, 2017
CNNIC Whitelist was updated with removing expired certificates.

Fixes: nodejs/node#1895
PR-URL: nodejs/node#9469
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
kevinsawicki pushed a commit to electron/node that referenced this pull request May 16, 2017
The additional validity checks applied to StartCom and WoSign
certificates failed to free memory before returning.

Refs: nodejs/node#9469
Fixes: nodejs/node#12033
PR-URL: nodejs/node#12089
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
c++ Issues and PRs that require attention from people who are familiar with C++. crypto Issues and PRs related to the crypto subsystem. security Issues and PRs related to security. test Issues and PRs related to the tests. tls Issues and PRs related to the tls subsystem.
Projects
None yet
Development

Successfully merging this pull request may close these issues.