Add Certificate Transparency logs auditing

components/certificate_transparency/single_tree_tracker.cc

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/certificate_transparency/single_tree_tracker.h"
 
+#include <algorithm>
+#include <iterator>
 #include <utility>
 
+#include "net/base/hash_value.h"
 #include "net/cert/ct_log_verifier.h"
 #include "net/cert/signed_certificate_timestamp.h"
 #include "net/cert/x509_certificate.h"
 
+using net::ct::LogEntry;
+using net::ct::MerkleTreeLeaf;
 using net::ct::SignedTreeHead;
 
 namespace certificate_transparency {
+bool OrderByTimestamp::operator()(const TimestampedLeaf& lhs,
+                                  const TimestampedLeaf& rhs) {
+  const MerkleTreeLeaf& lhs_leaf = lhs.GetLeaf();
+  const MerkleTreeLeaf& rhs_leaf = rhs.GetLeaf();
+  // This comparator should only used for containers where leaves from
+  // different logs are not mixed.
+  DCHECK(lhs_leaf.log_id == rhs_leaf.log_id);
+
+  if (lhs_leaf.timestamp != rhs_leaf.timestamp)
+    return lhs_leaf.timestamp < rhs_leaf.timestamp;
+
+  // Either two leaves with the same timestamp or the same leaf, have to
+  // compare the actual LogEntries to find out.
+  const LogEntry& lhs_entry = lhs_leaf.log_entry;
+  const LogEntry& rhs_entry = rhs_leaf.log_entry;
+  if (lhs_entry.type != rhs_entry.type)
+    return lhs_entry.type < rhs_entry.type;
+
+  if (lhs_entry.type == net::ct::LogEntry::LOG_ENTRY_TYPE_X509)
+    return lhs_entry.leaf_certificate < rhs_entry.leaf_certificate;
+
+  // lhs_entry.type == LOG_ENTRY_TYPE_PRECERT
+  return lhs_entry.tbs_certificate < rhs_entry.tbs_certificate &&
+         net::SHA256HashValueLessThan().operator()(lhs_entry.issuer_key_hash,
+                                                   rhs_entry.issuer_key_hash);
+}
 
 SingleTreeTracker::SingleTreeTracker(
     scoped_refptr<const net::CTLogVerifier> ct_log)
     : ct_log_(std::move(ct_log)) {}
 
 SingleTreeTracker::~SingleTreeTracker() {}
 
 void SingleTreeTracker::OnSCTVerified(
     net::X509Certificate* cert,
     const net::ct::SignedCertificateTimestamp* sct) {
   DCHECK_EQ(ct_log_->key_id(), sct->log_id);
 
+  MerkleTreeLeaf leaf;
+  if (!GetMerkleTreeLeaf(cert, sct, &leaf))
+    return;
+
   // SCT was previously observed, so its status should not be changed.
-  if (entries_status_.find(sct->timestamp) != entries_status_.end())
+  if (EntryPendingNewSTH(leaf) || EntryPendingInclusionProof(leaf))
     return;
 
+  TimestampedLeaf timestamped_leaf(leaf, base::Time::Now());
+
   // If there isn't a valid STH or the STH is not fresh enough to check
   // inclusion against, store the SCT for future checking and return.
   if (verified_sth_.timestamp.is_null() ||
       (verified_sth_.timestamp <
        (sct->timestamp + base::TimeDelta::FromHours(24)))) {

[Rob Percival, 2016/06/30 14:15:57]

Extract "base::TimeDelta::FromHours(24)" to a constant named something like
kMaximumMergeDelay. If I were pedantic, I'd say this should be a property of
CtLog, but I doubt there will ever be a log that doesn't have an MMD of 24 hours
so that's unnecessary.

[Eran Messeri, 2016/06/30 19:58:28]

Done.
The Chrome policy is not clear about whether there's a maximum MMD, but you are
right that it is a property of the log and should probably be in CTLogVerifier.

     // TODO(eranm): UMA - how often SCTs have to wait for a newer STH for
     // inclusion check.
-    entries_status_.insert(
-        std::make_pair(sct->timestamp, SCT_PENDING_NEWER_STH));
+    pending_new_sth_.insert(std::move(timestamped_leaf));
     return;
   }
 
   // TODO(eranm): Check inclusion here.
   // TODO(eranm): UMA - how often inclusion can be checked immediately.
-  entries_status_.insert(
-      std::make_pair(sct->timestamp, SCT_PENDING_INCLUSION_CHECK));
+  pending_inclusion_check_.insert(std::move(timestamped_leaf));
 }
 
 void SingleTreeTracker::NewSTHObserved(const SignedTreeHead& sth) {
   DCHECK_EQ(ct_log_->key_id(), sth.log_id);
 
   if (!ct_log_->VerifySignedTreeHead(sth)) {
     // Sanity check the STH; the caller should have done this
     // already, but being paranoid here.
     // NOTE(eranm): Right now there's no way to get rid of this check here
     // as this is the first object in the chain that has an instance of
     // a CTLogVerifier to verify the STH.
     return;
   }
 
   // In order to avoid updating |verified_sth_| to an older STH in case
   // an older STH is observed, check that either the observed STH is for
   // a larger tree size or that it is for the same tree size but has
   // a newer timestamp.
   const bool sths_for_same_tree = verified_sth_.tree_size == sth.tree_size;
   const bool received_sth_is_for_larger_tree =
       (verified_sth_.tree_size > sth.tree_size);
   const bool received_sth_is_newer = (sth.timestamp > verified_sth_.timestamp);
 
   if (verified_sth_.timestamp.is_null() || received_sth_is_for_larger_tree ||
       (sths_for_same_tree && received_sth_is_newer)) {
     verified_sth_ = sth;
   }
 
+  if (pending_new_sth_.empty())
+    return;
   // Find out which SCTs can now be checked for inclusion.
-  // TODO(eranm): Keep two maps of MerkleTreeLeaf instances, one for leaves
-  // pending inclusion checks and one for leaves pending a new STH.
-  // The comparison function between MerkleTreeLeaf instances should use the
-  // timestamp to determine sorting order, so that bulk moving from one
-  // map to the other can happen.
-  auto entry = entries_status_.begin();
-  while (entry != entries_status_.end() &&
-         entry->first < verified_sth_.timestamp) {
-    entry->second = SCT_PENDING_INCLUSION_CHECK;
-    ++entry;
-    // TODO(eranm): Check inclusion here.
-  }
+  auto sth_timestamp_compare = [&sth](const TimestampedLeaf& leaf) {
+    return leaf.GetLeaf().timestamp > sth.timestamp;
+  };
+  auto first_entry_not_included = std::find_if(
+      pending_new_sth_.begin(), pending_new_sth_.end(), sth_timestamp_compare);
+  // Move all entries up to the first entry not covered by this STH to
+  // the set of entries pending inclusion check.
+  std::move(pending_new_sth_.begin(), first_entry_not_included,
+            std::inserter(pending_inclusion_check_,
+                          pending_inclusion_check_.begin()));
+  // Clear moved entries.
+  pending_new_sth_.erase(pending_new_sth_.begin(), first_entry_not_included);
+
+  // TODO(eranm): Check inclusion here of entries that can now be checked.
 }
 
 SingleTreeTracker::SCTInclusionStatus
 SingleTreeTracker::GetLogEntryInclusionStatus(
     net::X509Certificate* cert,
     const net::ct::SignedCertificateTimestamp* sct) {
-  auto it = entries_status_.find(sct->timestamp);
+  MerkleTreeLeaf leaf;
+  if (!GetMerkleTreeLeaf(cert, sct, &leaf))
+    return SCT_NOT_OBSERVED;
 
-  return it == entries_status_.end() ? SCT_NOT_OBSERVED : it->second;
+  if (EntryPendingNewSTH(leaf))
+    return SCT_PENDING_NEWER_STH;
+
+  if (EntryPendingInclusionProof(leaf))
+    return SCT_PENDING_INCLUSION_CHECK;
+
+  return SCT_NOT_OBSERVED;
+}
+
+bool SingleTreeTracker::EntryPendingNewSTH(
+    const net::ct::MerkleTreeLeaf& leaf) {
+  TimestampedLeaf timestamped_leaf(leaf, base::Time::UnixEpoch());
+  return pending_new_sth_.find(timestamped_leaf) != pending_new_sth_.end();
+}
+
+bool SingleTreeTracker::EntryPendingInclusionProof(
+    const net::ct::MerkleTreeLeaf& leaf) {
+  // Time does not matter here.
+  TimestampedLeaf timestamped_leaf(leaf, base::Time::UnixEpoch());
+  return pending_inclusion_check_.find(timestamped_leaf) !=
+         pending_inclusion_check_.end();
 }
 
 }  // namespace certificate_transparency