crypto: add cert check to CNNIC Whitelist

When client connect to the server with certification issued by either
CNNIC Root CA or CNNIC EV Root CA, check hash of server
certification in the list of CNNICHashWhitelist.inc. If it's not,
CERT_REVOKED error returns.

See for details in
https://blog.mozilla.org/security/2015/04/02/distrusting-new-cnnic-certificates/

PR-URL: https://github.com/nodejs/io.js/pull/1895
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>

src/node_crypto.cc

@@ -13,6 +13,10 @@
 #include "util.h"
 #include "util-inl.h"
 #include "v8.h"
+// CNNIC Hash WhiteList is taken from
+// https://hg.mozilla.org/mozilla-central/raw-file/98820360ab66/security/
+// certverifier/CNNICHashWhitelist.inc
+#include "CNNICHashWhitelist.inc"
 
 #include <errno.h>
 #include <stdlib.h>
@@ -84,6 +88,34 @@ using v8::V8;
 using v8::Value;
 
 
+// Subject DER of CNNIC ROOT CA and CNNIC EV ROOT CA are taken from
+// https://hg.mozilla.org/mozilla-central/file/98820360ab66/security/
+// certverifier/NSSCertDBTrustDomain.cpp#l672
+// C = CN, O = CNNIC, CN = CNNIC ROOT
+static const uint8_t CNNIC_ROOT_CA_SUBJECT_DATA[] =
+    "\x30\x32\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x4E\x31\x0E\x30"
+    "\x0C\x06\x03\x55\x04\x0A\x13\x05\x43\x4E\x4E\x49\x43\x31\x13\x30\x11\x06"
+    "\x03\x55\x04\x03\x13\x0A\x43\x4E\x4E\x49\x43\x20\x52\x4F\x4F\x54";
+static const uint8_t* cnnic_p = CNNIC_ROOT_CA_SUBJECT_DATA;
+static X509_NAME* cnnic_name =
+    d2i_X509_NAME(nullptr, &cnnic_p, sizeof(CNNIC_ROOT_CA_SUBJECT_DATA)-1);
+
+// C = CN, O = China Internet Network Information Center, CN = China
+// Internet Network Information Center EV Certificates Root
+static const uint8_t CNNIC_EV_ROOT_CA_SUBJECT_DATA[] =
+    "\x30\x81\x8A\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x4E\x31\x32"
+    "\x30\x30\x06\x03\x55\x04\x0A\x0C\x29\x43\x68\x69\x6E\x61\x20\x49\x6E\x74"
+    "\x65\x72\x6E\x65\x74\x20\x4E\x65\x74\x77\x6F\x72\x6B\x20\x49\x6E\x66\x6F"
+    "\x72\x6D\x61\x74\x69\x6F\x6E\x20\x43\x65\x6E\x74\x65\x72\x31\x47\x30\x45"
+    "\x06\x03\x55\x04\x03\x0C\x3E\x43\x68\x69\x6E\x61\x20\x49\x6E\x74\x65\x72"
+    "\x6E\x65\x74\x20\x4E\x65\x74\x77\x6F\x72\x6B\x20\x49\x6E\x66\x6F\x72\x6D"
+    "\x61\x74\x69\x6F\x6E\x20\x43\x65\x6E\x74\x65\x72\x20\x45\x56\x20\x43\x65"
+    "\x72\x74\x69\x66\x69\x63\x61\x74\x65\x73\x20\x52\x6F\x6F\x74";
+static const uint8_t* cnnic_ev_p = CNNIC_EV_ROOT_CA_SUBJECT_DATA;
+static X509_NAME *cnnic_ev_name =
+    d2i_X509_NAME(nullptr, &cnnic_ev_p,
+                  sizeof(CNNIC_EV_ROOT_CA_SUBJECT_DATA)-1);
+
 // Forcibly clear OpenSSL's error stack on return. This stops stale errors
 // from popping up later in the lifecycle of crypto operations where they
 // would cause spurious failures. It's a rather blunt method, though.
@@ -2210,49 +2242,91 @@ void Connection::Initialize(Environment* env, Handle<Object> target) {
 }
 
 
-int VerifyCallback(int preverify_ok, X509_STORE_CTX* ctx) {
+inline int compar(const void* a, const void* b) {
-  // Quoting SSL_set_verify(3ssl):
+  return memcmp(a, b, CNNIC_WHITELIST_HASH_LEN);
-  //
+}
-  //   The VerifyCallback function is used to control the behaviour when
+
-  //   the SSL_VERIFY_PEER flag is set. It must be supplied by the
+
-  //   application and receives two arguments: preverify_ok indicates,
+inline int IsSelfSigned(X509* cert) {
-  //   whether the verification of the certificate in question was passed
+  return X509_NAME_cmp(X509_get_subject_name(cert),
-  //   (preverify_ok=1) or not (preverify_ok=0). x509_ctx is a pointer to
+                       X509_get_issuer_name(cert)) == 0;
-  //   the complete context used for the certificate chain verification.
+}
-  //
+
-  //   The certificate chain is checked starting with the deepest nesting
+
-  //   level (the root CA certificate) and worked upward to the peer's
+inline X509* FindRoot(STACK_OF(X509)* sk) {
-  //   certificate.  At each level signatures and issuer attributes are
+  for (int i = 0; i < sk_X509_num(sk); i++) {
-  //   checked.  Whenever a verification error is found, the error number is
+    X509* cert = sk_X509_value(sk, i);
-  //   stored in x509_ctx and VerifyCallback is called with preverify_ok=0.
+    if (IsSelfSigned(cert))
-  //   By applying X509_CTX_store_* functions VerifyCallback can locate the
+      return cert;
-  //   certificate in question and perform additional steps (see EXAMPLES).
+  }
-  //   If no error is found for a certificate, VerifyCallback is called
+  return nullptr;
-  //   with preverify_ok=1 before advancing to the next level.
+}
-  //
+
-  //   The return value of VerifyCallback controls the strategy of the
+
-  //   further verification process. If VerifyCallback returns 0, the
+// Whitelist check for certs issued by CNNIC. See
-  //   verification process is immediately stopped with "verification
+// https://blog.mozilla.org/security/2015/04/02
-  //   failed" state. If SSL_VERIFY_PEER is set, a verification failure
+// /distrusting-new-cnnic-certificates/
-  //   alert is sent to the peer and the TLS/SSL handshake is terminated. If
+inline CheckResult CheckWhitelistedServerCert(X509_STORE_CTX* ctx) {
-  //   VerifyCallback returns 1, the verification process is continued. If
+  unsigned char hash[CNNIC_WHITELIST_HASH_LEN];
-  //   VerifyCallback always returns 1, the TLS/SSL handshake will not be
+  unsigned int hashlen = CNNIC_WHITELIST_HASH_LEN;
-  //   terminated with respect to verification failures and the connection
+
-  //   will be established. The calling process can however retrieve the
+  STACK_OF(X509)* chain = X509_STORE_CTX_get1_chain(ctx);
-  //   error code of the last verification error using
+  CHECK_NE(chain, nullptr);
-  //   SSL_get_verify_result(3) or by maintaining its own error storage
+  CHECK_GT(sk_X509_num(chain), 0);
-  //   managed by VerifyCallback.
+
-  //
+  // Take the last cert as root at the first time.
-  //   If no VerifyCallback is specified, the default callback will be
+  X509* root_cert = sk_X509_value(chain, sk_X509_num(chain)-1);
-  //   used.  Its return value is identical to preverify_ok, so that any
+  X509_NAME* root_name = X509_get_subject_name(root_cert);
-  //   verification failure will lead to a termination of the TLS/SSL
+
-  //   handshake with an alert message, if SSL_VERIFY_PEER is set.
+  if (!IsSelfSigned(root_cert)) {
-  //
+    root_cert = FindRoot(chain);
-  // Since we cannot perform I/O quickly enough in this callback, we ignore
+    CHECK_NE(root_cert, nullptr);
-  // all preverify_ok errors and let the handshake continue. It is
+    root_name = X509_get_subject_name(root_cert);
-  // imparative that the user use Connection::VerifyError after the
+  }
-  // 'secure' callback has been made.
+
-  return 1;
+  // When the cert is issued from either CNNNIC ROOT CA or CNNNIC EV
+  // ROOT CA, check a hash of its leaf cert if it is in the whitelist.
+  if (X509_NAME_cmp(root_name, cnnic_name) == 0 ||
+      X509_NAME_cmp(root_name, cnnic_ev_name) == 0) {
+    X509* leaf_cert = sk_X509_value(chain, 0);
+    int ret = X509_digest(leaf_cert, EVP_sha256(), hash,
+                          &hashlen);
+    CHECK(ret);
+
+    void* result = bsearch(hash, WhitelistedCNNICHashes,
+                           ARRAY_SIZE(WhitelistedCNNICHashes),
+                           CNNIC_WHITELIST_HASH_LEN, compar);
+    if (result == nullptr) {
+      sk_X509_pop_free(chain, X509_free);
+      return CHECK_CERT_REVOKED;
+    }
+  }
+
+  sk_X509_pop_free(chain, X509_free);
+  return CHECK_OK;
+}
+
+
+inline int VerifyCallback(int preverify_ok, X509_STORE_CTX* ctx) {
+  // Failure on verification of the cert is handled in
+  // Connection::VerifyError.
+  if (preverify_ok == 0)
+    return 1;
+
+  // Server does not need to check the whitelist.
+  SSL* ssl = static_cast<SSL*>(
+      X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx()));
+
+  if (SSL_is_server(ssl))
+    return 1;
+
+  // Client needs to check if the server cert is listed in the
+  // whitelist when it is issued by the specific rootCAs.
+  CheckResult ret = CheckWhitelistedServerCert(ctx);
+  if (ret == CHECK_CERT_REVOKED)
+    X509_STORE_CTX_set_error(ctx, X509_V_ERR_CERT_REVOKED);
+
+  return ret;
 }
 
 

src/node_crypto.h

@@ -41,6 +41,11 @@
 namespace node {
 namespace crypto {
 
+enum CheckResult {
+  CHECK_CERT_REVOKED = 0,
+  CHECK_OK = 1
+};
+
 extern int VerifyCallback(int preverify_ok, X509_STORE_CTX* ctx);
 
 extern X509_STORE* root_cert_store;

test/fixtures/keys/Makefile

@@ -26,7 +26,10 @@ ca3-key.pem:
 
 ca3-csr.pem: ca3.cnf ca3-key.pem
 	openssl req -new \
-		-extensions v3_ca -config ca3.cnf -key ca3-key.pem -out ca3-csr.pem
+		-extensions v3_ca \
+		-config ca3.cnf \
+		-key ca3-key.pem \
+		-out ca3-csr.pem
 
 ca3-cert.pem: ca3-csr.pem ca3-key.pem ca3.cnf ca1-cert.pem ca1-key.pem
 	openssl x509 -req \
@@ -40,6 +43,20 @@ ca3-cert.pem: ca3-csr.pem ca3-key.pem ca3.cnf ca1-cert.pem ca1-key.pem
 		-CAcreateserial \
 		-out ca3-cert.pem
 
+#
+# Create Fake CNNIC Root Certificate Authority: fake-cnnic-root
+#
+
+fake-cnnic-root-key.pem:
+	openssl genrsa -out fake-cnnic-root-key.pem 2048
+
+fake-cnnic-root-cert.pem: fake-cnnic-root.cnf fake-cnnic-root-key.pem
+	openssl req -x509 -new \
+	        -key fake-cnnic-root-key.pem \
+	        -days 1024 \
+	        -out fake-cnnic-root-cert.pem \
+	        -config fake-cnnic-root.cnf
+
 #
 # agent1 is signed by ca1.
 #
@@ -204,6 +221,30 @@ agent6-cert.pem: agent6-csr.pem ca3-cert.pem ca3-key.pem
 agent6-verify: agent6-cert.pem ca3-cert.pem
 	openssl verify -CAfile ca3-cert.pem agent6-cert.pem
 
+#
+# agent7 is signed by fake-cnnic-root.
+#
+
+agent7-key.pem:
+	openssl genrsa -out agent7-key.pem 2048
+
+agent7-csr.pem: agent1.cnf agent7-key.pem
+	openssl req -new -config agent7.cnf -key agent7-key.pem -out agent7-csr.pem
+
+agent7-cert.pem: agent7-csr.pem fake-cnnic-root-cert.pem fake-cnnic-root-key.pem
+	openssl x509 -req \
+		-extfile agent7.cnf \
+		-days 9999 \
+		-passin "pass:password" \
+		-in agent7-csr.pem \
+		-CA fake-cnnic-root-cert.pem \
+		-CAkey fake-cnnic-root-key.pem \
+		-CAcreateserial \
+		-out agent7-cert.pem
+
+agent7-verify: agent7-cert.pem fake-cnnic-root-cert.pem
+	openssl verify -CAfile fake-cnnic-root-cert.pem agent7-cert.pem
+
 ec-key.pem:
 	openssl ecparam -genkey -out ec-key.pem -name prime256v1
 

test/fixtures/keys/agent7-cert.pem

@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDEDCCAfigAwIBAgIJAKpGbw//YhvMMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNV
+BAYTAkNOMQ4wDAYDVQQKEwVDTk5JQzETMBEGA1UEAxMKQ05OSUMgUk9PVDAeFw0x
+NTA2MTAwNDI4MTNaFw00MjEwMjUwNDI4MTNaMF0xCzAJBgNVBAYTAlVTMQswCQYD
+VQQIEwJDQTELMAkGA1UEBxMCU0YxDTALBgNVBAoTBElPSlMxETAPBgNVBAsTCGlv
+anMub3JnMRIwEAYDVQQDEwlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQCur6nhJBpxAmWKVbTKvEDn8YJ7ebkpNSwNVMzSycmvo3XOIogw
+ZngRJ/dL8YM/+p5CvAheJ6IqThgRw6+Se42O5ywlYpaHaY7n1oaFJC+2RUoPwdS7
+Rz0dl30kXwUnKlllqkGDdFwMUD5NlXBLsGgiW1gkPHCvlOYxfuv50z3yIMgxfVGP
+a7FeAYIHkRWQ5VrvugT70YaZMhLoMnj8c6RcIe81PV3eCS5Pp4ce8SGUkzAV9AFu
+f4yVlEnPqqy/VrinT+xNrRKt+2YijIb54i75p+2AVveOhpLcCcB2K65Zgc5LnZB8
+EY7W8/Qfh0DOAZibOd2vrUl2pkkOlR+qkYX/AgMBAAEwDQYJKoZIhvcNAQELBQAD
+ggEBAIiPC5SMDJAbUwkEWZxSleKfliLnycwaRfzF/B+8CUMd+hrVdrKe/u1aPDEV
+FgWq4Vd3K3jtGZxwfW8VMjtF3aj7vd/Lx6XUbZv+VUKURlDRktBuZTDdYu5mECV1
++iDd64robqeYbZ04w1pnwArT50+oZdmQ9BgbQom1B4FoMhoeSX7A0gITH5BHW1xs
+SRiqI7tDoDqhhn6X8pWoiq9QpXCSjXqUDNlxmiL5+e9j6DUv+e4z/bWY0s/COmY6
+2gGSZDJGDcpwx8RgEy+1gDNMMApqLZxH0b/RwtE/9R9OiPm272pCuz2zkdQM48a0
+9/GbQ68v2fmDZRF2WnYrkTSzF0Y=
+-----END CERTIFICATE-----

test/fixtures/keys/agent7-csr.pem

@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICxzCCAa8CAQAwXTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMQswCQYDVQQH
+EwJTRjENMAsGA1UEChMESU9KUzERMA8GA1UECxMIaW9qcy5vcmcxEjAQBgNVBAMT
+CWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK6vqeEk
+GnECZYpVtMq8QOfxgnt5uSk1LA1UzNLJya+jdc4iiDBmeBEn90vxgz/6nkK8CF4n
+oipOGBHDr5J7jY7nLCVilodpjufWhoUkL7ZFSg/B1LtHPR2XfSRfBScqWWWqQYN0
+XAxQPk2VcEuwaCJbWCQ8cK+U5jF+6/nTPfIgyDF9UY9rsV4BggeRFZDlWu+6BPvR
+hpkyEugyePxzpFwh7zU9Xd4JLk+nhx7xIZSTMBX0AW5/jJWUSc+qrL9WuKdP7E2t
+Eq37ZiKMhvniLvmn7YBW946GktwJwHYrrlmBzkudkHwRjtbz9B+HQM4BmJs53a+t
+SXamSQ6VH6qRhf8CAwEAAaAlMCMGCSqGSIb3DQEJBzEWExRBIGNoYWxsZW5nZSBw
+YXNzd29yZDANBgkqhkiG9w0BAQsFAAOCAQEAgT89dg/uj55YDT0wqNH2spt6JBK+
+gF7Y8R7MBgGEJSbJnjAkJSUpKKPE3ph6mJ9naYl1U3zqt+xoQKdp8kn8649u5Hjq
+TmmlsCExf0cznpMHINB9FG1aOoKdrsHf4o4eSXBAOacrpgnCpPAnaywE8F6Rc1a0
+3RDogwETUOFzTKvyl8XJQ2jUQt4qs9+fmkR12IVNe8IFPe2I8j5wMmQ81nUmFDpC
+NHy35vXjs+7N15FEkkvbr7jxZzMzXAhdZLUEOwIcNZsfpgCCqRmM/j5w8qXLFShd
+NUZn6Psex2Jkq2rcNwJ25739ORS69nWqhZrUvaaMP6IqjFcJBVWIyRwltQ==
+-----END CERTIFICATE REQUEST-----

test/fixtures/keys/agent7-key.pem

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpQIBAAKCAQEArq+p4SQacQJlilW0yrxA5/GCe3m5KTUsDVTM0snJr6N1ziKI
+MGZ4ESf3S/GDP/qeQrwIXieiKk4YEcOvknuNjucsJWKWh2mO59aGhSQvtkVKD8HU
+u0c9HZd9JF8FJypZZapBg3RcDFA+TZVwS7BoIltYJDxwr5TmMX7r+dM98iDIMX1R
+j2uxXgGCB5EVkOVa77oE+9GGmTIS6DJ4/HOkXCHvNT1d3gkuT6eHHvEhlJMwFfQB
+bn+MlZRJz6qsv1a4p0/sTa0SrftmIoyG+eIu+aftgFb3joaS3AnAdiuuWYHOS52Q
+fBGO1vP0H4dAzgGYmzndr61JdqZJDpUfqpGF/wIDAQABAoIBAQCNIXcKYnTKYLlQ
+rjXGpZl6yvA0ef9Sf5b7nkts8YJ02IdQ5y1IjUDr+3IcdR8pDX3XRLst9q9ZpoZj
+s8mhexi/H53XBnO/K1U9kWBVKQszI3/Wgy8vrzp9Mer0+5/aKKjZLliHr/a+LAZq
+ABYd0IQRXeM0Q3B3KsFfs79Ks5QUjXjrOPCkFCKmLwZin0Oujbb88WDeqSHAYB0A
+35lUDuQtg1rCNkTirBCdFAYFkfaRRwDGwdQ7L9cijidxMONYx1EapDbyqGL2BXJl
+99ZVebokUKeKQrvsghQZhmcph1mHABsOMfRw4x8TGxMJJSRM264OYCn66EK1tBh4
+tA0oU5GBAoGBAOTZEF1cQWjHHLvMUSP4B/6ZxvcP9ZdQaPISrq2j9oaArnCxxYvm
+XHTZRK0YAXzPnmhBXL46FoslDwUKu+T2gajl1NOBKk9C8uao9Xqm+IDKuA+ebf8V
+1B31Sf5bxnBI9jMaORGZg5/KFGvl3IzBrJODPTFToLHoqlS+lGhHoMYPAoGBAMNp
+g0+w8m/CsKapOhKZ6+91pT3sHsVUQ7JhTKpajpk+JOB7JaF1eZzuShTykkpDWmGw
+VesgbpBx+/JnjxW3Lnq24FUp4t+9OZ5r3gr2uFPHkmr4laT8S1WSqspmck0jZMgM
+zAIrLV7miAxVefrDjoqf5VkMaqwGoZavXU5UzLERAoGAK+vFCkYEf7mHODvUbtTR
+o/mbiBtWBT53hc40HDtVuybDU/mqclk58WsplRcAYhXuzw+MXy4C2Z25LjyLJzxw
+UhwaJqWpmyC8Qay3wFx/YSiG/uhnMAfeeAl1tA2lHjPCnLgxr8EI1AgSt0qcc59Q
+IdeUTP1B4CNJXY5eKU1l+90CgYEAuU0aybzfiH80CDY87VqsUnxa32dCnpiTQVnm
+2zvYMRSu33enbX36foewFEEZ2/YWhMA0GSy965dK9Mii9FKqbo9wFxILI2NKeiGL
+gxYGINwEyg9DyBm+Tj0wW5HeHavMa69G3V+YPH+azydW7iX2yxlo4JJXrRz0qfFN
+J3ReTiECgYEA4CIpRG5XzW6BEscqDBBQZ46RVy8wsnwxt62V2g2CImDwzKslcHK8
+oQurwl5WLKmvb0amMTedmVeIey3GOy23G8HrpHjEZjLi3wr3s3xJlPVajDBWw5Og
+dgU9acdKHcbzv9dnsyC6eO1hr0TlEJqMkPuoNr3RihEuhv88rQbmGas=
+-----END RSA PRIVATE KEY-----

test/fixtures/keys/agent7.cnf

@@ -0,0 +1,17 @@
+[ req ]
+default_bits           = 2048
+days                   = 999
+distinguished_name     = req_distinguished_name
+attributes             = req_attributes
+prompt                 = no
+
+[ req_distinguished_name ]
+C                      = US
+ST                     = CA
+L                      = SF
+O                      = IOJS
+OU                     = iojs.org
+CN                     = localhost
+
+[ req_attributes ]
+challengePassword              = A challenge password

test/fixtures/keys/fake-cnnic-root-cert.pem

@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC9zCCAd+gAwIBAgIJAMJ5SivqSZNtMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNV
+BAYTAkNOMQ4wDAYDVQQKEwVDTk5JQzETMBEGA1UEAxMKQ05OSUMgUk9PVDAeFw0x
+NTA2MDkxNzE1MTZaFw0xODAzMjkxNzE1MTZaMDIxCzAJBgNVBAYTAkNOMQ4wDAYD
+VQQKEwVDTk5JQzETMBEGA1UEAxMKQ05OSUMgUk9PVDCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAMwlKdTOPb+B0bENBw5+ZgnN2KxNhLBcEd0HB174fI1o
+iE7qmbRObzSXT4HCmg1j8lijq3isnI4oMH9nCJNxZcdXtY7c3YXYoGtsVWAX++ZF
+wYzakXXvDnHiaGXOos9+LuIRC0PZqyoYwZb0lvfyjPzIKBLVoCAAVTw65ankLN/J
+5vJ44PzyiLmBZhhr9WzyyKVYNo2X7FLMGJtg8lz0vslb4ImNxumKmGyBijv730E5
+qEc6HSriNeH/GSO7HBkxpbt+1MDkg3RaY/uGABuWhtuGgT8PkYCRdsSypawG561j
+NKs/Ny4gTBaQAsmnuj2wwUj0i4MQkQDute/Db/IY56UCAwEAAaMQMA4wDAYDVR0T
+BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEARJG19V4/zOko/8eIVYeX9L6hQRNt
+a6llIYPihQG29GdQsU+d0FqXba9N3oUD5kSF21F4oty7hWzLbBWnrKl66mXKNwWI
+DjcYwjc2etThNEhud3jY2SreDx6OIFu97DW2oZfvBSTYrh1xastxuDVcBmhdNk4N
+76Qj8s2X9KOS7nE+FY90ANwvckmHEAiq//aD5liwzCc8AYZi/JxV00YR7JS7Niee
+y0M5UZ0AAO+P9DB+fkIRZcSodtmPa4Q3m32p3RgGS7TnNHsqDvRXsnrt+7YV1kBW
+xrYO/iKGhq2K4bv6Z8JWUHyGyx7JEOFCJ25oWLYgByW5cJUE3xM4UTDzuw==
+-----END CERTIFICATE-----

test/fixtures/keys/fake-cnnic-root-cert.srl

@@ -0,0 +1 @@
+AA466F0FFF621BCC

test/fixtures/keys/fake-cnnic-root-key.pem

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAzCUp1M49v4HRsQ0HDn5mCc3YrE2EsFwR3QcHXvh8jWiITuqZ
+tE5vNJdPgcKaDWPyWKOreKycjigwf2cIk3Flx1e1jtzdhdiga2xVYBf75kXBjNqR
+de8OceJoZc6iz34u4hELQ9mrKhjBlvSW9/KM/MgoEtWgIABVPDrlqeQs38nm8njg
+/PKIuYFmGGv1bPLIpVg2jZfsUswYm2DyXPS+yVvgiY3G6YqYbIGKO/vfQTmoRzod
+KuI14f8ZI7scGTGlu37UwOSDdFpj+4YAG5aG24aBPw+RgJF2xLKlrAbnrWM0qz83
+LiBMFpACyae6PbDBSPSLgxCRAO6178Nv8hjnpQIDAQABAoIBAGKGtS+98lNRRnEb
+BoLaQkkNDjvqldXAOebhE4+kggiFoPPlihVZnZZWSMsprswzpq1dIM73EAAUKYPz
+qFHw8txI2pl+w3Nr39C40mO0b6DtncJrYrT2kZQpX5VzK2TVU69L5pHypgeFNzmy
+BoLYj28Y8y5T6BpJztlo25spQvcmUAR0PZmde1NJwjWTdxAlCeER+fvgJu2UsKpn
+EEEIc5UGEdedhRLkQgt0Cu1FqeDihvr+z6upH467trmNhlTyrPeN3+FqRUkuqPvA
+RdR1g7+fSRTku+QzrCq/tN2zyjVDwED2GGQs1fCOYOb/vSsIydIddqGIqdSdE05r
+ZtIhGEECgYEA7EtwzIJAHV1rcB2OcNgodLx7/ratPIJZg5umGDfd159MkwzxcFjz
+lxiu4SjW8s+83KgZ6E6N4ZsekJLz1eI33gGGK4XqGBSHiQe+A8WnQeRJXCmT1nzx
+23LjE07sJd42l2byPejF+dBRQZF71pqsjTHLvn+jJD2CakdaeozEpEkCgYEA3Stg
+L7DqSjPBOaGpFR6bZqdJhYG4/FVIVN9sKTfo0CqlNHrqjIeL8RgTSu+PYJTvIF2B
+NfUjTfsxGfLKKBIHR+1LRMt2rr/tYnvr1/kwAAw9zYaugNiZ/J4BPLCXtN4Ahj4t
+2d2Zbyg/bD3ppmT80LGnzJ3oQhmQVC0nuv8PMH0CgYEA4zzVmEa2Q8cgWCyEXC70
+EPdmQxkIVkWAshkQTQAE3qR6bnwnAAT7FNaO70doFxACLy2V5JsOxOR5K023Inwv
+f9d1YQuiiU/M29HPQS9mXu6cQf5WBxIXQRQmHd5rKSue0lEVKsZdBZX5XpX7QvFy
+eUJnDqcOi/5/GZfPAkW3ockCgYAa+/vUVcWAIChnG65BgWZ8c9SokVc8kjss/8V2
+kfe5zjox2P1c//y3AbT445mesw0p6b6mEq6oCQnInLLFiM2SnQUd86UbVRdleLEh
+vKl6mAPCW7hWyBahl7WW7gTUcHGn71YwyrS5tzNlxXgIcTHXVJWghXOc/Pl7C7dZ
+PV1hEQKBgQCnJQuQ1fb+w9O+P2MKdZPD/ztrghIeIyS9X90GuFWPMCWlIO6gaF8U
+JY3BNuiahAhxVLcnaG8mNCXARPGCRGYDwN11vv/jrUOH/dXbd1bwwUkHfNu00w75
+LTHh1YKab/RifALc5k8mGWNIuZWE8xqjKOrpyNiX2VKwhglrJ1NK0A==
+-----END RSA PRIVATE KEY-----

test/fixtures/keys/fake-cnnic-root.cnf

@@ -0,0 +1,19 @@
+[ req ]
+default_bits           = 2048
+days                   = 999
+distinguished_name     = req_distinguished_name
+attributes             = req_attributes
+prompt                 = no
+output_password        = password
+x509_extensions        = v3_ca
+
+[ req_distinguished_name ]
+C                      = CN
+O                      = CNNIC
+CN                     = CNNIC ROOT
+
+[ req_attributes ]
+challengePassword              = A challenge password
+
+[ v3_ca ]
+basicConstraints = CA:TRUE

test/internet/test-tls-connnect-cnnic.js

@@ -0,0 +1,14 @@
+'use strict';
+//
+// The server cert of www1.cnnic.cn is listed in the whitelist of
+// {
+//   { 0x1B, 0xF4, 0x8A, 0x83, 0x3C, 0xE4, 0x05, 0x64, 0x8C, 0xC0, 0xBD, 0xD3,
+//     0xB5, 0xB8, 0xC1, 0x8E, 0xB5, 0x13, 0x15, 0x34, 0x29, 0x3A, 0xB2, 0x63,
+//     0x44, 0xB5, 0x00, 0x76, 0x48, 0x11, 0x41, 0xED },
+// },
+// in src/CNNICHashWhitelist.inc
+var tls = require('tls');
+var socket = tls.connect(443, 'www1.cnnic.cn', function() {
+  socket.resume();
+  socket.destroy();
+});

test/parallel/test-tls-cnnic-whitelist.js

@@ -0,0 +1,42 @@
+'use strict';
+var common = require('../common');
+var assert = require('assert');
+
+if (!common.hasCrypto) {
+  console.log('1..0 # Skipped: missing crypto');
+  process.exit();
+}
+
+var tls = require('tls');
+var fs = require('fs');
+var path = require('path');
+
+var error = false;
+
+// agent7-cert.pem is issued by the fake CNNIC root CA so that its
+// hash is not listed in the whitelist.
+var options = {
+  key: fs.readFileSync(path.join(common.fixturesDir, 'keys/agent7-key.pem')),
+  cert: fs.readFileSync(path.join(common.fixturesDir, 'keys/agent7-cert.pem'))
+};
+
+var server = tls.createServer(options, function(s) {
+  s.resume();
+}).listen(common.PORT, function() {
+  var client = tls.connect({
+    port: common.PORT,
+    rejectUnauthorized: true,
+    // fake-cnnic-root-cert has the same subject name as the original
+    // rootCA.
+    ca: [fs.readFileSync(path.join(common.fixturesDir,
+                                   'keys/fake-cnnic-root-cert.pem'))]
+  });
+  client.on('error', function(e) {
+    assert.strictEqual(e.code, 'CERT_REVOKED');
+    error = true;
+    server.close();
+  });
+});
+process.on('exit', function() {
+  assert(error);
+});