anotherim/src/main/java/eu/siacs/conversations/crypto/XmppDomainVerifier.java

package eu.siacs.conversations.crypto;

import android.os.Build;
import android.util.Log;
import android.util.Pair;

import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.DERIA5String;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.DERUTF8String;
import org.bouncycastle.asn1.DLSequence;
import org.bouncycastle.asn1.x500.RDN;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x500.style.IETFUtils;
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;

import java.io.IOException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;

import javax.net.ssl.SSLSession;

import de.duenndns.ssl.DomainHostnameVerifier;

public class XmppDomainVerifier implements DomainHostnameVerifier {

	private static final String LOGTAG = "XmppDomainVerifier";

	private static final String SRV_NAME = "1.3.6.1.5.5.7.8.7";
	private static final String XMPP_ADDR = "1.3.6.1.5.5.7.8.5";

	@Override
	public boolean verify(String domain, String hostname, SSLSession sslSession) {
		try {
			Certificate[] chain = sslSession.getPeerCertificates();
			if (chain.length == 0 || !(chain[0] instanceof X509Certificate)) {
				return false;
			}
			X509Certificate certificate = (X509Certificate) chain[0];
			final List<String> commonNames = getCommonNames(certificate);
			final boolean isSelfSignedCertificate = isSelfSigned(certificate);
			if (Build.VERSION.SDK_INT < Build.VERSION_CODES.KITKAT || isSelfSignedCertificate) {
				if (commonNames.size() == 1 && commonNames.get(0).equals(domain)) {
					Log.d(LOGTAG,"accepted CN in cert as work around for "+domain+" isSelfSigned="+Boolean.toString(isSelfSignedCertificate)+", sdkInt="+Build.VERSION.SDK_INT);
					return true;
				}
			}
			Collection<List<?>> alternativeNames = certificate.getSubjectAlternativeNames();
			List<String> xmppAddrs = new ArrayList<>();
			List<String> srvNames = new ArrayList<>();
			List<String> domains = new ArrayList<>();
			if (alternativeNames != null) {
				for (List<?> san : alternativeNames) {
					Integer type = (Integer) san.get(0);
					if (type == 0) {
						Pair<String, String> otherName = parseOtherName((byte[]) san.get(1));
						if (otherName != null) {
							switch (otherName.first) {
								case SRV_NAME:
									srvNames.add(otherName.second);
									break;
								case XMPP_ADDR:
									xmppAddrs.add(otherName.second);
									break;
								default:
									Log.d(LOGTAG, "oid: " + otherName.first + " value: " + otherName.second);
							}
						}
					} else if (type == 2) {
						Object value = san.get(1);
						if (value instanceof String) {
							domains.add((String) value);
						}
					}
				}
			}
			if (srvNames.size() == 0 && xmppAddrs.size() == 0 && domains.size() == 0) {
				domains.addAll(commonNames);
			}
			Log.d(LOGTAG, "searching for " + domain + " in srvNames: " + srvNames + " xmppAddrs: " + xmppAddrs + " domains:" + domains);
			if (hostname != null) {
				Log.d(LOGTAG,"also trying to verify hostname "+hostname);
			}
			return xmppAddrs.contains(domain)
					|| srvNames.contains("_xmpp-client." + domain)
					|| matchDomain(domain, domains)
					|| (hostname != null && matchDomain(hostname,domains));
		} catch (Exception e) {
			return false;
		}
	}

	private static List<String> getCommonNames(X509Certificate certificate) {
		List<String> domains = new ArrayList<>();
		try {
			X500Name x500name = new JcaX509CertificateHolder(certificate).getSubject();
			RDN[] rdns = x500name.getRDNs(BCStyle.CN);
			for (int i = 0; i < rdns.length; ++i) {
				domains.add(IETFUtils.valueToString(x500name.getRDNs(BCStyle.CN)[i].getFirst().getValue()));
			}
			return domains;
		} catch (CertificateEncodingException e) {
			return domains;
		}
	}

	private static Pair<String, String> parseOtherName(byte[] otherName) {
		try {
			ASN1Primitive asn1Primitive = ASN1Primitive.fromByteArray(otherName);
			if (asn1Primitive instanceof DERTaggedObject) {
				ASN1Primitive inner = ((DERTaggedObject) asn1Primitive).getObject();
				if (inner instanceof DLSequence) {
					DLSequence sequence = (DLSequence) inner;
					if (sequence.size() >= 2 && sequence.getObjectAt(1) instanceof DERTaggedObject) {
						String oid = sequence.getObjectAt(0).toString();
						ASN1Primitive value = ((DERTaggedObject) sequence.getObjectAt(1)).getObject();
						if (value instanceof DERUTF8String) {
							return new Pair<>(oid, ((DERUTF8String) value).getString());
						} else if (value instanceof DERIA5String) {
							return new Pair<>(oid, ((DERIA5String) value).getString());
						}
					}
				}
			}
			return null;
		} catch (IOException e) {
			return null;
		}
	}

	private static boolean matchDomain(String needle, List<String> haystack) {
		for (String entry : haystack) {
			if (entry.startsWith("*.")) {
				int i = needle.indexOf('.');
				Log.d(LOGTAG, "comparing " + needle.substring(i) + " and " + entry.substring(1));
				if (i != -1 && needle.substring(i).equals(entry.substring(1))) {
					Log.d(LOGTAG, "domain " + needle + " matched " + entry);
					return true;
				}
			} else {
				if (entry.equals(needle)) {
					Log.d(LOGTAG, "domain " + needle + " matched " + entry);
					return true;
				}
			}
		}
		return false;
	}

	private boolean isSelfSigned(X509Certificate certificate) {
		try {
			certificate.verify(certificate.getPublicKey());
			return true;
		} catch (Exception e) {
			return false;
		}
	}

	@Override
	public boolean verify(String domain, SSLSession sslSession) {
		return verify(domain,null,sslSession);
	}
}
use own XmppDomainVerifier instead of deprecated StrictHostnameVerifier. fixes #1189 2015-10-15 15:08:38 +00:00			`package eu.siacs.conversations.crypto;`

use CN-workaround for pre-kitkat 2017-07-17 21:13:55 +00:00			`import android.os.Build;`
use own XmppDomainVerifier instead of deprecated StrictHostnameVerifier. fixes #1189 2015-10-15 15:08:38 +00:00			`import android.util.Log;`
moved other name parsing into seperate method 2015-10-15 18:05:55 +00:00			`import android.util.Pair;`
use own XmppDomainVerifier instead of deprecated StrictHostnameVerifier. fixes #1189 2015-10-15 15:08:38 +00:00
			`import org.bouncycastle.asn1.ASN1Primitive;`
			`import org.bouncycastle.asn1.DERIA5String;`
			`import org.bouncycastle.asn1.DERTaggedObject;`
			`import org.bouncycastle.asn1.DERUTF8String;`
			`import org.bouncycastle.asn1.DLSequence;`
			`import org.bouncycastle.asn1.x500.RDN;`
			`import org.bouncycastle.asn1.x500.X500Name;`
			`import org.bouncycastle.asn1.x500.style.BCStyle;`
			`import org.bouncycastle.asn1.x500.style.IETFUtils;`
			`import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;`

			`import java.io.IOException;`
more checks for xmppdomainverifier and better wildcard handling 2015-10-15 16:06:26 +00:00			`import java.security.cert.Certificate;`
workaround for OpenFire: check CN first in self signed certs The self signed certificates created by OpenFire (Not sure if other certs are affected as well) will crash the Java/Android TLS stack when accessing getSubjectAlternativeNames() on the the peer certificate. This usually goes unnoticed in other applications since the DefaultHostnameVerifier checkes the CN first. That however is a violation of RFC6125 section 6.4.4 which requires us to check for the existence of SAN first. This commit adds a work around where in self signed certificates we check for the CN first as well. (Avoiding the call to getSubjectAlternativeNames()) 2017-07-16 09:05:19 +00:00			`import java.security.cert.CertificateEncodingException;`
use own XmppDomainVerifier instead of deprecated StrictHostnameVerifier. fixes #1189 2015-10-15 15:08:38 +00:00			`import java.security.cert.X509Certificate;`
			`import java.util.ArrayList;`
			`import java.util.Collection;`
			`import java.util.List;`

			`import javax.net.ssl.SSLSession;`

also check for hostname in in certs if hostname is from trusted source 2017-06-17 17:54:09 +00:00			`import de.duenndns.ssl.DomainHostnameVerifier;`

			`public class XmppDomainVerifier implements DomainHostnameVerifier {`
use own XmppDomainVerifier instead of deprecated StrictHostnameVerifier. fixes #1189 2015-10-15 15:08:38 +00:00
moved other name parsing into seperate method 2015-10-15 18:05:55 +00:00			`private static final String LOGTAG = "XmppDomainVerifier";`
use own XmppDomainVerifier instead of deprecated StrictHostnameVerifier. fixes #1189 2015-10-15 15:08:38 +00:00
fix regression introduces with OF fix. properly fall back to common name 2017-07-17 19:11:15 +00:00			`private static final String SRV_NAME = "1.3.6.1.5.5.7.8.7";`
			`private static final String XMPP_ADDR = "1.3.6.1.5.5.7.8.5";`
use constants for oids in xmppdomainverifier 2015-10-15 17:14:41 +00:00
use own XmppDomainVerifier instead of deprecated StrictHostnameVerifier. fixes #1189 2015-10-15 15:08:38 +00:00			`@Override`
also check for hostname in in certs if hostname is from trusted source 2017-06-17 17:54:09 +00:00			`public boolean verify(String domain, String hostname, SSLSession sslSession) {`
use own XmppDomainVerifier instead of deprecated StrictHostnameVerifier. fixes #1189 2015-10-15 15:08:38 +00:00			`try {`
more checks for xmppdomainverifier and better wildcard handling 2015-10-15 16:06:26 +00:00			`Certificate[] chain = sslSession.getPeerCertificates();`
			`if (chain.length == 0 \|\| !(chain[0] instanceof X509Certificate)) {`
			`return false;`
			`}`
			`X509Certificate certificate = (X509Certificate) chain[0];`
fix regression introduces with OF fix. properly fall back to common name 2017-07-17 19:11:15 +00:00			`final List<String> commonNames = getCommonNames(certificate);`
use CN-workaround for pre-kitkat 2017-07-17 21:13:55 +00:00			`final boolean isSelfSignedCertificate = isSelfSigned(certificate);`
			`if (Build.VERSION.SDK_INT < Build.VERSION_CODES.KITKAT \|\| isSelfSignedCertificate) {`
fix regression introduces with OF fix. properly fall back to common name 2017-07-17 19:11:15 +00:00			`if (commonNames.size() == 1 && commonNames.get(0).equals(domain)) {`
use CN-workaround for pre-kitkat 2017-07-17 21:13:55 +00:00			`Log.d(LOGTAG,"accepted CN in cert as work around for "+domain+" isSelfSigned="+Boolean.toString(isSelfSignedCertificate)+", sdkInt="+Build.VERSION.SDK_INT);`
workaround for OpenFire: check CN first in self signed certs The self signed certificates created by OpenFire (Not sure if other certs are affected as well) will crash the Java/Android TLS stack when accessing getSubjectAlternativeNames() on the the peer certificate. This usually goes unnoticed in other applications since the DefaultHostnameVerifier checkes the CN first. That however is a violation of RFC6125 section 6.4.4 which requires us to check for the existence of SAN first. This commit adds a work around where in self signed certificates we check for the CN first as well. (Avoiding the call to getSubjectAlternativeNames()) 2017-07-16 09:05:19 +00:00			`return true;`
			`}`
			`}`
more checks for xmppdomainverifier and better wildcard handling 2015-10-15 16:06:26 +00:00			`Collection<List<?>> alternativeNames = certificate.getSubjectAlternativeNames();`
use own XmppDomainVerifier instead of deprecated StrictHostnameVerifier. fixes #1189 2015-10-15 15:08:38 +00:00			`List<String> xmppAddrs = new ArrayList<>();`
			`List<String> srvNames = new ArrayList<>();`
			`List<String> domains = new ArrayList<>();`
			`if (alternativeNames != null) {`
moved other name parsing into seperate method 2015-10-15 18:05:55 +00:00			`for (List<?> san : alternativeNames) {`
use own XmppDomainVerifier instead of deprecated StrictHostnameVerifier. fixes #1189 2015-10-15 15:08:38 +00:00			`Integer type = (Integer) san.get(0);`
			`if (type == 0) {`
moved other name parsing into seperate method 2015-10-15 18:05:55 +00:00			`Pair<String, String> otherName = parseOtherName((byte[]) san.get(1));`
			`if (otherName != null) {`
			`switch (otherName.first) {`
fix regression introduces with OF fix. properly fall back to common name 2017-07-17 19:11:15 +00:00			`case SRV_NAME:`
moved other name parsing into seperate method 2015-10-15 18:05:55 +00:00			`srvNames.add(otherName.second);`
			`break;`
fix regression introduces with OF fix. properly fall back to common name 2017-07-17 19:11:15 +00:00			`case XMPP_ADDR:`
moved other name parsing into seperate method 2015-10-15 18:05:55 +00:00			`xmppAddrs.add(otherName.second);`
			`break;`
			`default:`
			`Log.d(LOGTAG, "oid: " + otherName.first + " value: " + otherName.second);`
use own XmppDomainVerifier instead of deprecated StrictHostnameVerifier. fixes #1189 2015-10-15 15:08:38 +00:00			`}`
			`}`
			`} else if (type == 2) {`
			`Object value = san.get(1);`
			`if (value instanceof String) {`
			`domains.add((String) value);`
			`}`
			`}`
			`}`
			`}`
			`if (srvNames.size() == 0 && xmppAddrs.size() == 0 && domains.size() == 0) {`
fix regression introduces with OF fix. properly fall back to common name 2017-07-17 19:11:15 +00:00			`domains.addAll(commonNames);`
use own XmppDomainVerifier instead of deprecated StrictHostnameVerifier. fixes #1189 2015-10-15 15:08:38 +00:00			`}`
			`Log.d(LOGTAG, "searching for " + domain + " in srvNames: " + srvNames + " xmppAddrs: " + xmppAddrs + " domains:" + domains);`
also check for hostname in in certs if hostname is from trusted source 2017-06-17 17:54:09 +00:00			`if (hostname != null) {`
			`Log.d(LOGTAG,"also trying to verify hostname "+hostname);`
			`}`
			`return xmppAddrs.contains(domain)`
			`\|\| srvNames.contains("_xmpp-client." + domain)`
			`\|\| matchDomain(domain, domains)`
			`\|\| (hostname != null && matchDomain(hostname,domains));`
use own XmppDomainVerifier instead of deprecated StrictHostnameVerifier. fixes #1189 2015-10-15 15:08:38 +00:00			`} catch (Exception e) {`
			`return false;`
			`}`
			`}`

workaround for OpenFire: check CN first in self signed certs The self signed certificates created by OpenFire (Not sure if other certs are affected as well) will crash the Java/Android TLS stack when accessing getSubjectAlternativeNames() on the the peer certificate. This usually goes unnoticed in other applications since the DefaultHostnameVerifier checkes the CN first. That however is a violation of RFC6125 section 6.4.4 which requires us to check for the existence of SAN first. This commit adds a work around where in self signed certificates we check for the CN first as well. (Avoiding the call to getSubjectAlternativeNames()) 2017-07-16 09:05:19 +00:00			`private static List<String> getCommonNames(X509Certificate certificate) {`
			`List<String> domains = new ArrayList<>();`
			`try {`
			`X500Name x500name = new JcaX509CertificateHolder(certificate).getSubject();`
			`RDN[] rdns = x500name.getRDNs(BCStyle.CN);`
			`for (int i = 0; i < rdns.length; ++i) {`
			`domains.add(IETFUtils.valueToString(x500name.getRDNs(BCStyle.CN)[i].getFirst().getValue()));`
			`}`
			`return domains;`
			`} catch (CertificateEncodingException e) {`
			`return domains;`
			`}`
			`}`

moved other name parsing into seperate method 2015-10-15 18:05:55 +00:00			`private static Pair<String, String> parseOtherName(byte[] otherName) {`
			`try {`
			`ASN1Primitive asn1Primitive = ASN1Primitive.fromByteArray(otherName);`
			`if (asn1Primitive instanceof DERTaggedObject) {`
			`ASN1Primitive inner = ((DERTaggedObject) asn1Primitive).getObject();`
			`if (inner instanceof DLSequence) {`
			`DLSequence sequence = (DLSequence) inner;`
			`if (sequence.size() >= 2 && sequence.getObjectAt(1) instanceof DERTaggedObject) {`
			`String oid = sequence.getObjectAt(0).toString();`
			`ASN1Primitive value = ((DERTaggedObject) sequence.getObjectAt(1)).getObject();`
			`if (value instanceof DERUTF8String) {`
			`return new Pair<>(oid, ((DERUTF8String) value).getString());`
			`} else if (value instanceof DERIA5String) {`
			`return new Pair<>(oid, ((DERIA5String) value).getString());`
			`}`
			`}`
			`}`
			`}`
			`return null;`
			`} catch (IOException e) {`
			`return null;`
			`}`
			`}`

			`private static boolean matchDomain(String needle, List<String> haystack) {`
			`for (String entry : haystack) {`
use own XmppDomainVerifier instead of deprecated StrictHostnameVerifier. fixes #1189 2015-10-15 15:08:38 +00:00			`if (entry.startsWith("*.")) {`
			`int i = needle.indexOf('.');`
moved other name parsing into seperate method 2015-10-15 18:05:55 +00:00			`Log.d(LOGTAG, "comparing " + needle.substring(i) + " and " + entry.substring(1));`
more checks for xmppdomainverifier and better wildcard handling 2015-10-15 16:06:26 +00:00			`if (i != -1 && needle.substring(i).equals(entry.substring(1))) {`
moved other name parsing into seperate method 2015-10-15 18:05:55 +00:00			`Log.d(LOGTAG, "domain " + needle + " matched " + entry);`
use own XmppDomainVerifier instead of deprecated StrictHostnameVerifier. fixes #1189 2015-10-15 15:08:38 +00:00			`return true;`
			`}`
			`} else {`
			`if (entry.equals(needle)) {`
moved other name parsing into seperate method 2015-10-15 18:05:55 +00:00			`Log.d(LOGTAG, "domain " + needle + " matched " + entry);`
use own XmppDomainVerifier instead of deprecated StrictHostnameVerifier. fixes #1189 2015-10-15 15:08:38 +00:00			`return true;`
			`}`
			`}`
			`}`
			`return false;`
			`}`
also check for hostname in in certs if hostname is from trusted source 2017-06-17 17:54:09 +00:00
workaround for OpenFire: check CN first in self signed certs The self signed certificates created by OpenFire (Not sure if other certs are affected as well) will crash the Java/Android TLS stack when accessing getSubjectAlternativeNames() on the the peer certificate. This usually goes unnoticed in other applications since the DefaultHostnameVerifier checkes the CN first. That however is a violation of RFC6125 section 6.4.4 which requires us to check for the existence of SAN first. This commit adds a work around where in self signed certificates we check for the CN first as well. (Avoiding the call to getSubjectAlternativeNames()) 2017-07-16 09:05:19 +00:00			`private boolean isSelfSigned(X509Certificate certificate) {`
			`try {`
			`certificate.verify(certificate.getPublicKey());`
			`return true;`
			`} catch (Exception e) {`
			`return false;`
			`}`
			`}`

also check for hostname in in certs if hostname is from trusted source 2017-06-17 17:54:09 +00:00			`@Override`
			`public boolean verify(String domain, SSLSession sslSession) {`
			`return verify(domain,null,sslSession);`
			`}`
use own XmppDomainVerifier instead of deprecated StrictHostnameVerifier. fixes #1189 2015-10-15 15:08:38 +00:00			`}`