// Copyright (C) 2016 Opsmate, Inc.
//
// This Source Code Form is subject to the terms of the Mozilla
// Public License, v. 2.0. If a copy of the MPL was not distributed
// with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
//
// This software is distributed WITHOUT A WARRANTY OF ANY KIND.
// See the Mozilla Public License for details.
//
// This file contains code from https://github.com/google/certificate-transparency/tree/master/go
// See ct/AUTHORS and ct/LICENSE for copyright and license information.
package certspotter
import (
// "container/list"
"bytes"
"crypto"
"errors"
"fmt"
"log"
"strings"
"sync"
"sync/atomic"
"time"
"software.sslmate.com/src/certspotter/ct"
"software.sslmate.com/src/certspotter/ct/client"
)
// ProcessCallback is invoked by the scanner's processor workers once per
// fetched log entry. It receives the Scanner that fetched the entry and a
// pointer to the entry; the entry's Index field has already been filled in
// by fetch before the entry reaches a worker.
type ProcessCallback func(*Scanner, *ct.LogEntry)
const (
	// FETCH_RETRIES is the number of times a failed get-entries request is
	// retried before fetch gives up and returns the error to its caller.
	FETCH_RETRIES = 10
	// FETCH_RETRY_WAIT is the delay, in seconds, before the first retry;
	// fetch doubles the delay after every further failed attempt.
	FETCH_RETRY_WAIT = 1
)
// ScannerOptions holds configuration options for the Scanner
type ScannerOptions struct {
	// Number of entries to request in one batch from the Log
	BatchSize int

	// Number of concurrent processors to run
	NumWorkers int

	// Suppress the status messages written by Log. They go through the
	// standard log package (stderr by default), not stdout. Messages from
	// Warn are emitted regardless of this setting.
	Quiet bool
}
// DefaultScannerOptions returns a ScannerOptions populated with sensible
// defaults: batches of 1000 entries, a single processor worker, and status
// logging enabled.
func DefaultScannerOptions() *ScannerOptions {
	opts := new(ScannerOptions)
	opts.BatchSize = 1000
	opts.NumWorkers = 1
	// Status messages are logged unless the caller opts out.
	opts.Quiet = false
	return opts
}
// Scanner is a tool to scan all the entries in a CT Log.
type Scanner struct {
	// Base URI of CT log, stored exactly as passed to NewScanner (the
	// client is built from the same URI with trailing slashes trimmed).
	// It is also the prefix of every Log/Warn message.
	LogUri string

	// Public key of the log. When nil, GetSTH returns tree heads without
	// verifying their signatures.
	publicKey crypto.PublicKey
	// Identifier of the log; GetSTH stamps it into the LogID field of
	// every tree head it returns.
	LogId ct.SHA256Hash

	// Client used to talk to the CT log instance
	logClient *client.LogClient

	// Configuration options for this Scanner instance (a copy of the
	// struct NewScanner was given)
	opts ScannerOptions
}
// fetchRange represents a range of certs to fetch from a CT log.
// Both bounds are inclusive: fetch requests entries start..end and only
// considers the range complete once an entry for every index in it has
// been forwarded.
type fetchRange struct {
	start int64
	end   int64
}
// processerJob is the body of one processor worker. It drains entries,
// bumping *certsProcessed once per entry and then handing a pointer to the
// entry to processCert, and marks wg done once entries has been closed and
// fully drained. id is not used by the body.
func (s *Scanner) processerJob(id int, certsProcessed *int64, entries <-chan ct.LogEntry, processCert ProcessCallback, wg *sync.WaitGroup) {
	// Release the WaitGroup however the loop ends.
	defer wg.Done()
	for entry := range entries {
		// The counter is shared with the other workers; it only feeds the
		// summary message Scan logs at the end.
		atomic.AddInt64(certsProcessed, 1)
		processCert(s, &entry)
	}
}
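// fetch retrieves the entries r.start..r.end (inclusive) from the log and
// forwards them, in index order and with Index filled in, on entries. When
// tree is non-nil the leaf hash of every forwarded entry is appended to it,
// so that its root can afterwards be compared with a signed tree head.
//
// Logs MAY answer with fewer entries than requested, so the request is
// repeated from the first missing index until the whole range has arrived.
// A failed request is retried up to FETCH_RETRIES times with an exponential
// back-off starting at FETCH_RETRY_WAIT seconds; once the retries are
// exhausted the last error is logged via Warn and returned. A reply that
// contains no entries is treated like a failure, and a reply that overshoots
// r.end is truncated, so a misbehaving log can neither spin this loop nor
// push entries outside the requested range into entries or tree.
func (s *Scanner) fetch(r fetchRange, entries chan<- ct.LogEntry, tree *CollapsedMerkleTree) error {
	retries := FETCH_RETRIES
	retryWait := FETCH_RETRY_WAIT
	for r.start <= r.end {
		s.Log(fmt.Sprintf("Fetching entries %d to %d", r.start, r.end))
		logEntries, err := s.logClient.GetEntries(r.start, r.end)
		if err == nil && len(logEntries) == 0 {
			// An empty reply would otherwise be re-requested immediately in a
			// tight loop; route it through the back-off path instead.
			err = errors.New("log returned no entries")
		}
		if err != nil {
			if retries == 0 {
				s.Warn(fmt.Sprintf("Problem fetching entries %d to %d from log: %s", r.start, r.end, err.Error()))
				return err
			}
			s.Log(fmt.Sprintf("Problem fetching entries %d to %d from log (will retry): %s", r.start, r.end, err.Error()))
			time.Sleep(time.Duration(retryWait) * time.Second)
			retries--
			retryWait *= 2
			continue
		}
		// A successful reply restores the full retry budget for the next one.
		retries = FETCH_RETRIES
		retryWait = FETCH_RETRY_WAIT

		// Never consume past r.end: the caller's next batch starts at r.end+1,
		// so any surplus would be forwarded (and hashed into tree) twice.
		if want := r.end - r.start + 1; int64(len(logEntries)) > want {
			logEntries = logEntries[:want]
		}
		for _, logEntry := range logEntries {
			if tree != nil {
				tree.Add(hashLeaf(logEntry.LeafBytes))
			}
			logEntry.Index = r.start
			entries <- logEntry
			r.start++
		}
	}
	return nil
}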
// Worker function for fetcher jobs.
// Accepts cert ranges to fetch over the |ranges| channel, and if the fetch is
// successful sends the individual LeafInputs out into the
// |entries| channel for the processors to chew on.
// Will retry failed attempts to retrieve ranges indefinitely.
// Sends true over the |done| channel when the |ranges| channel is closed.
/* disabled because error handling is broken
func (s *Scanner) fetcherJob(id int, ranges <-chan fetchRange, entries chan<- ct.LogEntry, wg *sync.WaitGroup) {
	for r := range ranges {
		s.fetch(r, entries, nil)
	}
	wg.Done()
}
*/
// min returns the smaller of a and b (either one when they are equal).
func min(a int64, b int64) int64 {
	if b < a {
		return b
	}
	return a
}
// max returns the larger of a and b (either one when they are equal).
func max(a int64, b int64) int64 {
	if b > a {
		return b
	}
	return a
}
// humanTime renders a number of seconds as "H hours M minutes S seconds ",
// omitting every component that is zero (so 0 yields the empty string) and
// leaving a trailing space after each component that is printed.
func humanTime(seconds int) string {
	d := time.Duration(seconds) * time.Second
	components := []struct {
		count int
		unit  string
	}{
		{int(d / time.Hour), "hours"},
		{int((d % time.Hour) / time.Minute), "minutes"},
		{int((d % time.Minute) / time.Second), "seconds"},
	}
	var b strings.Builder
	for _, c := range components {
		if c.count > 0 {
			fmt.Fprintf(&b, "%d %s ", c.count, c.unit)
		}
	}
	return b.String()
}
// Log writes msg, prefixed with the log's URI, through the standard logger
// unless the Quiet option is set.
func (s Scanner) Log(msg string) {
	if s.opts.Quiet {
		return
	}
	log.Print(s.LogUri + ": " + msg)
}
// Warn writes msg, prefixed with the log's URI, through the standard logger.
// Unlike Log it ignores the Quiet option.
func (s Scanner) Warn(msg string) {
	log.Print(s.LogUri + ": " + msg)
}
// GetSTH fetches the log's current signed tree head. When the scanner holds
// a public key the STH signature is verified and an invalid signature is
// reported as an error; without a key the STH is returned unverified. The
// returned STH has its LogID set to s.LogId.
func (s *Scanner) GetSTH() (*ct.SignedTreeHead, error) {
	sth, err := s.logClient.GetSTH()
	if err != nil {
		return nil, err
	}
	if s.publicKey == nil {
		// No key configured: the tree head is passed through unverified.
		sth.LogID = s.LogId
		return sth, nil
	}
	verifier, err := ct.NewSignatureVerifier(s.publicKey)
	if err != nil {
		return nil, err
	}
	if verr := verifier.VerifySTHSignature(*sth); verr != nil {
		return nil, errors.New("STH signature is invalid: " + verr.Error())
	}
	sth.LogID = s.LogId
	return sth, nil
}
// CheckConsistency reports whether the trees described by first and second
// are consistent with each other, regardless of which one is larger. An
// empty tree is consistent with anything, equal-sized trees must have equal
// root hashes, and otherwise a consistency proof is fetched from the log and
// checked with VerifyConsistencyProof. The error is non-nil only when the
// proof could not be fetched. This method does not verify the STH
// signatures itself; GetSTH does that when a public key is configured.
func (s *Scanner) CheckConsistency(first *ct.SignedTreeHead, second *ct.SignedTreeHead) (bool, error) {
	switch {
	case first.TreeSize == 0 || second.TreeSize == 0:
		// RFC 6962 doesn't define how to generate a consistency proof in this
		// case, and it doesn't matter anyways since the tree is empty. The
		// DigiCert logs return a 400 error if we ask for such a proof.
		return true, nil
	case first.TreeSize == second.TreeSize:
		// There is no need to ask the server for a consistency proof if the
		// trees are the same size, and the DigiCert log returns a 400 error
		// if we try.
		return bytes.Equal(first.SHA256RootHash[:], second.SHA256RootHash[:]), nil
	}

	// Proofs are always requested from the smaller tree to the larger one.
	smaller, larger := first, second
	if first.TreeSize > second.TreeSize {
		smaller, larger = second, first
	}
	proof, err := s.logClient.GetConsistencyProof(int64(smaller.TreeSize), int64(larger.TreeSize))
	if err != nil {
		return false, err
	}
	return VerifyConsistencyProof(proof, smaller, larger), nil
}
// MakeCollapsedMerkleTree builds a CollapsedMerkleTree covering the first
// sth.TreeSize entries of the log. It fetches the last entry, obtains that
// entry's audit path from the log, reconstructs the tree of size
// TreeSize-1 from the (reversed) path, appends the last leaf, and then only
// returns the tree if its root equals sth.SHA256RootHash -- so a path that
// disagrees with the signed head is rejected rather than trusted. An STH of
// size 0 yields an empty tree without contacting the log.
func (s *Scanner) MakeCollapsedMerkleTree(sth *ct.SignedTreeHead) (*CollapsedMerkleTree, error) {
	if sth.TreeSize == 0 {
		return &CollapsedMerkleTree{}, nil
	}

	// The tree is reconstructed from the audit path of its final leaf.
	lastIndex := sth.TreeSize - 1
	entries, err := s.logClient.GetEntries(int64(lastIndex), int64(lastIndex))
	if err != nil {
		return nil, err
	}
	if len(entries) == 0 {
		return nil, fmt.Errorf("Log did not return entry %d", lastIndex)
	}
	leafHash := hashLeaf(entries[0].LeafBytes)

	var tree *CollapsedMerkleTree
	if sth.TreeSize > 1 {
		auditPath, _, err := s.logClient.GetAuditProof(leafHash, sth.TreeSize)
		if err != nil {
			return nil, err
		}
		// NOTE(review): the path is reversed before NewCollapsedMerkleTree
		// consumes it, presumably because the two use opposite orderings --
		// confirm against reverseHashes/NewCollapsedMerkleTree.
		reverseHashes(auditPath)
		tree, err = NewCollapsedMerkleTree(auditPath, lastIndex)
		if err != nil {
			return nil, fmt.Errorf("Error returned bad audit proof for %x to %d", leafHash, sth.TreeSize)
		}
	} else {
		// A single-entry tree has nothing before its leaf, so no path is needed.
		tree = EmptyCollapsedMerkleTree()
	}

	tree.Add(leafHash)
	// Bind the reconstructed tree to the signed head before handing it out.
	if !bytes.Equal(tree.CalculateRoot(), sth.SHA256RootHash[:]) {
		return nil, fmt.Errorf("Calculated root hash does not match signed tree head at size %d", sth.TreeSize)
	}
	return tree, nil
}
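// Scan fetches the log entries with indices in [startIndex, endIndex) in
// batches of opts.BatchSize, hands each entry to processCert on one of
// opts.NumWorkers worker goroutines, and, when tree is non-nil, appends every
// entry's leaf hash to it in index order. It returns the first fetch error
// (after the workers have drained what was already queued and exited) or
// nil once every entry has been processed. Both BatchSize and NumWorkers
// must be at least 1; other values are rejected with an error.
func (s *Scanner) Scan(startIndex int64, endIndex int64, processCert ProcessCallback, tree *CollapsedMerkleTree) error {
	// A non-positive batch size would never advance start, and with no
	// workers the job channel would fill up and block fetch forever; fail
	// fast instead of hanging.
	if s.opts.BatchSize < 1 {
		return fmt.Errorf("invalid scanner options: BatchSize must be at least 1, got %d", s.opts.BatchSize)
	}
	if s.opts.NumWorkers < 1 {
		return fmt.Errorf("invalid scanner options: NumWorkers must be at least 1, got %d", s.opts.NumWorkers)
	}

	s.Log("Starting scan...")

	certsProcessed := new(int64)
	startTime := time.Now()
	/* TODO: only launch ticker goroutine if in verbose mode; kill the goroutine when the scanner finishes
	ticker := time.NewTicker(time.Second)
	go func() {
		for range ticker.C {
			throughput := float64(s.certsProcessed) / time.Since(startTime).Seconds()
			remainingCerts := int64(endIndex) - int64(startIndex) - s.certsProcessed
			remainingSeconds := int(float64(remainingCerts) / throughput)
			remainingString := humanTime(remainingSeconds)
			s.Log(fmt.Sprintf("Processed: %d certs (to index %d). Throughput: %3.2f ETA: %s", s.certsProcessed,
				startIndex+int64(s.certsProcessed), throughput, remainingString))
		}
	}()
	*/

	// Start processor workers
	jobs := make(chan ct.LogEntry, 100)
	var processorWG sync.WaitGroup
	for w := 0; w < s.opts.NumWorkers; w++ {
		processorWG.Add(1)
		go s.processerJob(w, certsProcessed, jobs, processCert, &processorWG)
	}
	// Closing jobs is what lets the workers exit, so it has to happen on
	// every path out of the fetch loop; returning early on a fetch error
	// without it leaves the workers parked on the open channel for good.
	stopWorkers := func() {
		close(jobs)
		processorWG.Wait()
	}

	for start := startIndex; start < endIndex; {
		// Batch bounds are inclusive on both ends.
		end := min(start+int64(s.opts.BatchSize), endIndex) - 1
		if err := s.fetch(fetchRange{start, end}, jobs, tree); err != nil {
			stopWorkers()
			return err
		}
		start = end + 1
	}
	stopWorkers()
	s.Log(fmt.Sprintf("Completed %d certs in %s", *certsProcessed, humanTime(int(time.Since(startTime).Seconds()))))

	return nil
}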
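// NewScanner creates a Scanner that talks to the log at logUri, identified
// by logId. publicKey, if non-nil, is used by GetSTH to verify tree-head
// signatures; a nil key disables that check. opts is copied into the
// scanner, and a nil opts selects DefaultScannerOptions(). Trailing slashes
// are stripped from logUri when building the client; the LogUri field keeps
// the value as given.
func NewScanner(logUri string, logId ct.SHA256Hash, publicKey crypto.PublicKey, opts *ScannerOptions) *Scanner {
	if opts == nil {
		// A nil opts would otherwise be dereferenced below; use the
		// documented defaults instead of panicking.
		opts = DefaultScannerOptions()
	}
	return &Scanner{
		LogUri:    logUri,
		LogId:     logId,
		publicKey: publicKey,
		logClient: client.New(strings.TrimRight(logUri, "/")),
		opts:      *opts,
	}
}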