1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "net/cert/x509_certificate.h" 6 7 #include <stdlib.h> 8 9 #include <algorithm> 10 #include <map> 11 #include <string> 12 #include <vector> 13 14 #include "base/base64.h" 15 #include "base/lazy_instance.h" 16 #include "base/logging.h" 17 #include "base/memory/scoped_ptr.h" 18 #include "base/memory/singleton.h" 19 #include "base/metrics/histogram.h" 20 #include "base/pickle.h" 21 #include "base/sha1.h" 22 #include "base/strings/string_piece.h" 23 #include "base/strings/string_util.h" 24 #include "base/synchronization/lock.h" 25 #include "base/time/time.h" 26 #include "crypto/secure_hash.h" 27 #include "net/base/net_util.h" 28 #include "net/base/registry_controlled_domains/registry_controlled_domain.h" 29 #include "net/cert/pem_tokenizer.h" 30 #include "url/url_canon.h" 31 32 namespace net { 33 34 namespace { 35 36 // Indicates the order to use when trying to decode binary data, which is 37 // based on (speculation) as to what will be most common -> least common 38 const X509Certificate::Format kFormatDecodePriority[] = { 39 X509Certificate::FORMAT_SINGLE_CERTIFICATE, 40 X509Certificate::FORMAT_PKCS7 41 }; 42 43 // The PEM block header used for DER certificates 44 const char kCertificateHeader[] = "CERTIFICATE"; 45 // The PEM block header used for PKCS#7 data 46 const char kPKCS7Header[] = "PKCS7"; 47 48 #if !defined(USE_NSS) 49 // A thread-safe cache for OS certificate handles. 50 // 51 // Within each of the supported underlying crypto libraries, a certificate 52 // handle is represented as a ref-counted object that contains the parsed 53 // data for the certificate. In addition, the underlying OS handle may also 54 // contain a copy of the original ASN.1 DER used to constructed the handle. 55 // 56 // In order to reduce the memory usage when multiple SSL connections exist, 57 // with each connection storing the server's identity certificate plus any 58 // intermediates supplied, the certificate handles are cached. Any two 59 // X509Certificates that were created from the same ASN.1 DER data, 60 // regardless of where that data came from, will share the same underlying 61 // OS certificate handle. 62 class X509CertificateCache { 63 public: 64 // Performs a compare-and-swap like operation. If an OS certificate handle 65 // for the same certificate data as |*cert_handle| already exists in the 66 // cache, the original |*cert_handle| will be freed and |cert_handle| 67 // will be updated to point to a duplicated reference to the existing cached 68 // certificate, with the caller taking ownership of this duplicated handle. 69 // If an equivalent OS certificate handle is not found, a duplicated 70 // reference to |*cert_handle| will be added to the cache. In either case, 71 // upon return, the caller fully owns |*cert_handle| and is responsible for 72 // calling FreeOSCertHandle(), after first calling Remove(). 73 void InsertOrUpdate(X509Certificate::OSCertHandle* cert_handle); 74 75 // Decrements the cache reference count for |cert_handle|, a handle that was 76 // previously obtained by calling InsertOrUpdate(). If this is the last 77 // cached reference held, this will remove the handle from the cache. The 78 // caller retains ownership of |cert_handle| and remains responsible for 79 // calling FreeOSCertHandle() to release the underlying OS certificate 80 void Remove(X509Certificate::OSCertHandle cert_handle); 81 82 private: 83 // A single entry in the cache. Certificates will be keyed by their SHA1 84 // fingerprints, but will not be considered equivalent unless the entire 85 // certificate data matches. 86 struct Entry { 87 Entry() : cert_handle(NULL), ref_count(0) {} 88 89 X509Certificate::OSCertHandle cert_handle; 90 91 // Increased by each call to InsertOrUpdate(), and balanced by each call 92 // to Remove(). When it equals 0, all references created by 93 // InsertOrUpdate() have been released, so the cache entry will be removed 94 // the cached OS certificate handle will be freed. 95 int ref_count; 96 }; 97 typedef std::map<SHA1HashValue, Entry, SHA1HashValueLessThan> CertMap; 98 99 // Obtain an instance of X509CertificateCache via a LazyInstance. 100 X509CertificateCache() {} 101 ~X509CertificateCache() {} 102 friend struct base::DefaultLazyInstanceTraits<X509CertificateCache>; 103 104 // You must acquire this lock before using any private data of this object 105 // You must not block while holding this lock. 106 base::Lock lock_; 107 108 // The certificate cache. You must acquire |lock_| before using |cache_|. 109 CertMap cache_; 110 111 DISALLOW_COPY_AND_ASSIGN(X509CertificateCache); 112 }; 113 114 base::LazyInstance<X509CertificateCache>::Leaky 115 g_x509_certificate_cache = LAZY_INSTANCE_INITIALIZER; 116 117 void X509CertificateCache::InsertOrUpdate( 118 X509Certificate::OSCertHandle* cert_handle) { 119 DCHECK(cert_handle); 120 SHA1HashValue fingerprint = 121 X509Certificate::CalculateFingerprint(*cert_handle); 122 123 X509Certificate::OSCertHandle old_handle = NULL; 124 { 125 base::AutoLock lock(lock_); 126 CertMap::iterator pos = cache_.find(fingerprint); 127 if (pos == cache_.end()) { 128 // A cached entry was not found, so initialize a new entry. The entry 129 // assumes ownership of the current |*cert_handle|. 130 Entry cache_entry; 131 cache_entry.cert_handle = *cert_handle; 132 cache_entry.ref_count = 0; 133 CertMap::value_type cache_value(fingerprint, cache_entry); 134 pos = cache_.insert(cache_value).first; 135 } else { 136 bool is_same_cert = 137 X509Certificate::IsSameOSCert(*cert_handle, pos->second.cert_handle); 138 if (!is_same_cert) { 139 // Two certificates don't match, due to a SHA1 hash collision. Given 140 // the low probability, the simplest solution is to not cache the 141 // certificate, which should not affect performance too negatively. 142 return; 143 } 144 // A cached entry was found and will be used instead of the caller's 145 // handle. Ensure the caller's original handle will be freed, since 146 // ownership is assumed. 147 old_handle = *cert_handle; 148 } 149 // Whether an existing cached handle or a new handle, increment the 150 // cache's reference count and return a handle that the caller can own. 151 ++pos->second.ref_count; 152 *cert_handle = X509Certificate::DupOSCertHandle(pos->second.cert_handle); 153 } 154 // If the caller's handle was replaced with a cached handle, free the 155 // original handle now. This is done outside of the lock because 156 // |old_handle| may be the only handle for this particular certificate, so 157 // freeing it may be complex or resource-intensive and does not need to 158 // be guarded by the lock. 159 if (old_handle) { 160 X509Certificate::FreeOSCertHandle(old_handle); 161 #ifndef NDEBUG 162 LOCAL_HISTOGRAM_BOOLEAN("X509CertificateReuseCount", true); 163 #endif 164 } 165 } 166 167 void X509CertificateCache::Remove(X509Certificate::OSCertHandle cert_handle) { 168 SHA1HashValue fingerprint = 169 X509Certificate::CalculateFingerprint(cert_handle); 170 base::AutoLock lock(lock_); 171 172 CertMap::iterator pos = cache_.find(fingerprint); 173 if (pos == cache_.end()) 174 return; // A hash collision where the winning cert was already freed. 175 176 bool is_same_cert = X509Certificate::IsSameOSCert(cert_handle, 177 pos->second.cert_handle); 178 if (!is_same_cert) 179 return; // A hash collision where the winning cert is still around. 180 181 if (--pos->second.ref_count == 0) { 182 // The last reference to |cert_handle| has been removed, so release the 183 // Entry's OS handle and remove the Entry. The caller still holds a 184 // reference to |cert_handle| and is responsible for freeing it. 185 X509Certificate::FreeOSCertHandle(pos->second.cert_handle); 186 cache_.erase(pos); 187 } 188 } 189 #endif // !defined(USE_NSS) 190 191 // See X509CertificateCache::InsertOrUpdate. NSS has a built-in cache, so there 192 // is no point in wrapping another cache around it. 193 void InsertOrUpdateCache(X509Certificate::OSCertHandle* cert_handle) { 194 #if !defined(USE_NSS) 195 g_x509_certificate_cache.Pointer()->InsertOrUpdate(cert_handle); 196 #endif 197 } 198 199 // See X509CertificateCache::Remove. 200 void RemoveFromCache(X509Certificate::OSCertHandle cert_handle) { 201 #if !defined(USE_NSS) 202 g_x509_certificate_cache.Pointer()->Remove(cert_handle); 203 #endif 204 } 205 206 // Utility to split |src| on the first occurrence of |c|, if any. |right| will 207 // either be empty if |c| was not found, or will contain the remainder of the 208 // string including the split character itself. 209 void SplitOnChar(const base::StringPiece& src, 210 char c, 211 base::StringPiece* left, 212 base::StringPiece* right) { 213 size_t pos = src.find(c); 214 if (pos == base::StringPiece::npos) { 215 *left = src; 216 right->clear(); 217 } else { 218 *left = src.substr(0, pos); 219 *right = src.substr(pos); 220 } 221 } 222 223 } // namespace 224 225 bool X509Certificate::LessThan::operator()( 226 const scoped_refptr<X509Certificate>& lhs, 227 const scoped_refptr<X509Certificate>& rhs) const { 228 if (lhs.get() == rhs.get()) 229 return false; 230 231 int rv = memcmp(lhs->fingerprint_.data, rhs->fingerprint_.data, 232 sizeof(lhs->fingerprint_.data)); 233 if (rv != 0) 234 return rv < 0; 235 236 rv = memcmp(lhs->ca_fingerprint_.data, rhs->ca_fingerprint_.data, 237 sizeof(lhs->ca_fingerprint_.data)); 238 return rv < 0; 239 } 240 241 X509Certificate::X509Certificate(const std::string& subject, 242 const std::string& issuer, 243 base::Time start_date, 244 base::Time expiration_date) 245 : subject_(subject), 246 issuer_(issuer), 247 valid_start_(start_date), 248 valid_expiry_(expiration_date), 249 cert_handle_(NULL) { 250 memset(fingerprint_.data, 0, sizeof(fingerprint_.data)); 251 memset(ca_fingerprint_.data, 0, sizeof(ca_fingerprint_.data)); 252 } 253 254 // static 255 X509Certificate* X509Certificate::CreateFromHandle( 256 OSCertHandle cert_handle, 257 const OSCertHandles& intermediates) { 258 DCHECK(cert_handle); 259 return new X509Certificate(cert_handle, intermediates); 260 } 261 262 // static 263 X509Certificate* X509Certificate::CreateFromDERCertChain( 264 const std::vector<base::StringPiece>& der_certs) { 265 if (der_certs.empty()) 266 return NULL; 267 268 X509Certificate::OSCertHandles intermediate_ca_certs; 269 for (size_t i = 1; i < der_certs.size(); i++) { 270 OSCertHandle handle = CreateOSCertHandleFromBytes( 271 const_cast<char*>(der_certs[i].data()), der_certs[i].size()); 272 if (!handle) 273 break; 274 intermediate_ca_certs.push_back(handle); 275 } 276 277 OSCertHandle handle = NULL; 278 // Return NULL if we failed to parse any of the certs. 279 if (der_certs.size() - 1 == intermediate_ca_certs.size()) { 280 handle = CreateOSCertHandleFromBytes( 281 const_cast<char*>(der_certs[0].data()), der_certs[0].size()); 282 } 283 284 X509Certificate* cert = NULL; 285 if (handle) { 286 cert = CreateFromHandle(handle, intermediate_ca_certs); 287 FreeOSCertHandle(handle); 288 } 289 290 for (size_t i = 0; i < intermediate_ca_certs.size(); i++) 291 FreeOSCertHandle(intermediate_ca_certs[i]); 292 293 return cert; 294 } 295 296 // static 297 X509Certificate* X509Certificate::CreateFromBytes(const char* data, 298 int length) { 299 OSCertHandle cert_handle = CreateOSCertHandleFromBytes(data, length); 300 if (!cert_handle) 301 return NULL; 302 303 X509Certificate* cert = CreateFromHandle(cert_handle, OSCertHandles()); 304 FreeOSCertHandle(cert_handle); 305 return cert; 306 } 307 308 // static 309 X509Certificate* X509Certificate::CreateFromPickle(const Pickle& pickle, 310 PickleIterator* pickle_iter, 311 PickleType type) { 312 if (type == PICKLETYPE_CERTIFICATE_CHAIN_V3) { 313 int chain_length = 0; 314 if (!pickle_iter->ReadLength(&chain_length)) 315 return NULL; 316 317 std::vector<base::StringPiece> cert_chain; 318 const char* data = NULL; 319 int data_length = 0; 320 for (int i = 0; i < chain_length; ++i) { 321 if (!pickle_iter->ReadData(&data, &data_length)) 322 return NULL; 323 cert_chain.push_back(base::StringPiece(data, data_length)); 324 } 325 return CreateFromDERCertChain(cert_chain); 326 } 327 328 // Legacy / Migration code. This should eventually be removed once 329 // sufficient time has passed that all pickles serialized prior to 330 // PICKLETYPE_CERTIFICATE_CHAIN_V3 have been removed. 331 OSCertHandle cert_handle = ReadOSCertHandleFromPickle(pickle_iter); 332 if (!cert_handle) 333 return NULL; 334 335 OSCertHandles intermediates; 336 uint32 num_intermediates = 0; 337 if (type != PICKLETYPE_SINGLE_CERTIFICATE) { 338 if (!pickle_iter->ReadUInt32(&num_intermediates)) { 339 FreeOSCertHandle(cert_handle); 340 return NULL; 341 } 342 343 #if defined(OS_POSIX) && !defined(OS_MACOSX) && defined(__x86_64__) 344 // On 64-bit Linux (and any other 64-bit platforms), the intermediate count 345 // might really be a 64-bit field since we used to use Pickle::WriteSize(), 346 // which writes either 32 or 64 bits depending on the architecture. Since 347 // x86-64 is little-endian, if that happens, the next 32 bits will be all 348 // zeroes (the high bits) and the 32 bits we already read above are the 349 // correct value (we assume there are never more than 2^32 - 1 intermediate 350 // certificates in a chain; in practice, more than a dozen or so is 351 // basically unheard of). Since it's invalid for a certificate to start with 352 // 32 bits of zeroes, we check for that here and skip it if we find it. We 353 // save a copy of the pickle iterator to restore in case we don't get 32 354 // bits of zeroes. Now we always write 32 bits, so after a while, these old 355 // cached pickles will all get replaced. 356 // TODO(mdm): remove this compatibility code in April 2013 or so. 357 PickleIterator saved_iter = *pickle_iter; 358 uint32 zero_check = 0; 359 if (!pickle_iter->ReadUInt32(&zero_check)) { 360 // This may not be an error. If there are no intermediates, and we're 361 // reading an old 32-bit pickle, and there's nothing else after this in 362 // the pickle, we should report success. Note that it is technically 363 // possible for us to skip over zeroes that should have occurred after 364 // an empty certificate list; to avoid this going forward, only do this 365 // backward-compatibility stuff for PICKLETYPE_CERTIFICATE_CHAIN_V1 366 // which comes from the pickle version number in http_response_info.cc. 367 if (num_intermediates) { 368 FreeOSCertHandle(cert_handle); 369 return NULL; 370 } 371 } 372 if (zero_check) 373 *pickle_iter = saved_iter; 374 #endif // defined(OS_POSIX) && !defined(OS_MACOSX) && defined(__x86_64__) 375 376 for (uint32 i = 0; i < num_intermediates; ++i) { 377 OSCertHandle intermediate = ReadOSCertHandleFromPickle(pickle_iter); 378 if (!intermediate) 379 break; 380 intermediates.push_back(intermediate); 381 } 382 } 383 384 X509Certificate* cert = NULL; 385 if (intermediates.size() == num_intermediates) 386 cert = CreateFromHandle(cert_handle, intermediates); 387 FreeOSCertHandle(cert_handle); 388 for (size_t i = 0; i < intermediates.size(); ++i) 389 FreeOSCertHandle(intermediates[i]); 390 391 return cert; 392 } 393 394 // static 395 CertificateList X509Certificate::CreateCertificateListFromBytes( 396 const char* data, int length, int format) { 397 OSCertHandles certificates; 398 399 // Check to see if it is in a PEM-encoded form. This check is performed 400 // first, as both OS X and NSS will both try to convert if they detect 401 // PEM encoding, except they don't do it consistently between the two. 402 base::StringPiece data_string(data, length); 403 std::vector<std::string> pem_headers; 404 405 // To maintain compatibility with NSS/Firefox, CERTIFICATE is a universally 406 // valid PEM block header for any format. 407 pem_headers.push_back(kCertificateHeader); 408 if (format & FORMAT_PKCS7) 409 pem_headers.push_back(kPKCS7Header); 410 411 PEMTokenizer pem_tok(data_string, pem_headers); 412 while (pem_tok.GetNext()) { 413 std::string decoded(pem_tok.data()); 414 415 OSCertHandle handle = NULL; 416 if (format & FORMAT_PEM_CERT_SEQUENCE) 417 handle = CreateOSCertHandleFromBytes(decoded.c_str(), decoded.size()); 418 if (handle != NULL) { 419 // Parsed a DER encoded certificate. All PEM blocks that follow must 420 // also be DER encoded certificates wrapped inside of PEM blocks. 421 format = FORMAT_PEM_CERT_SEQUENCE; 422 certificates.push_back(handle); 423 continue; 424 } 425 426 // If the first block failed to parse as a DER certificate, and 427 // formats other than PEM are acceptable, check to see if the decoded 428 // data is one of the accepted formats. 429 if (format & ~FORMAT_PEM_CERT_SEQUENCE) { 430 for (size_t i = 0; certificates.empty() && 431 i < arraysize(kFormatDecodePriority); ++i) { 432 if (format & kFormatDecodePriority[i]) { 433 certificates = CreateOSCertHandlesFromBytes(decoded.c_str(), 434 decoded.size(), kFormatDecodePriority[i]); 435 } 436 } 437 } 438 439 // Stop parsing after the first block for any format but a sequence of 440 // PEM-encoded DER certificates. The case of FORMAT_PEM_CERT_SEQUENCE 441 // is handled above, and continues processing until a certificate fails 442 // to parse. 443 break; 444 } 445 446 // Try each of the formats, in order of parse preference, to see if |data| 447 // contains the binary representation of a Format, if it failed to parse 448 // as a PEM certificate/chain. 449 for (size_t i = 0; certificates.empty() && 450 i < arraysize(kFormatDecodePriority); ++i) { 451 if (format & kFormatDecodePriority[i]) 452 certificates = CreateOSCertHandlesFromBytes(data, length, 453 kFormatDecodePriority[i]); 454 } 455 456 CertificateList results; 457 // No certificates parsed. 458 if (certificates.empty()) 459 return results; 460 461 for (OSCertHandles::iterator it = certificates.begin(); 462 it != certificates.end(); ++it) { 463 X509Certificate* result = CreateFromHandle(*it, OSCertHandles()); 464 results.push_back(scoped_refptr<X509Certificate>(result)); 465 FreeOSCertHandle(*it); 466 } 467 468 return results; 469 } 470 471 void X509Certificate::Persist(Pickle* pickle) { 472 DCHECK(cert_handle_); 473 // This would be an absolutely insane number of intermediates. 474 if (intermediate_ca_certs_.size() > static_cast<size_t>(INT_MAX) - 1) { 475 NOTREACHED(); 476 return; 477 } 478 if (!pickle->WriteInt( 479 static_cast<int>(intermediate_ca_certs_.size() + 1)) || 480 !WriteOSCertHandleToPickle(cert_handle_, pickle)) { 481 NOTREACHED(); 482 return; 483 } 484 for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i) { 485 if (!WriteOSCertHandleToPickle(intermediate_ca_certs_[i], pickle)) { 486 NOTREACHED(); 487 return; 488 } 489 } 490 } 491 492 void X509Certificate::GetDNSNames(std::vector<std::string>* dns_names) const { 493 GetSubjectAltName(dns_names, NULL); 494 if (dns_names->empty()) 495 dns_names->push_back(subject_.common_name); 496 } 497 498 bool X509Certificate::HasExpired() const { 499 return base::Time::Now() > valid_expiry(); 500 } 501 502 bool X509Certificate::Equals(const X509Certificate* other) const { 503 return IsSameOSCert(cert_handle_, other->cert_handle_); 504 } 505 506 // static 507 bool X509Certificate::VerifyHostname( 508 const std::string& hostname, 509 const std::string& cert_common_name, 510 const std::vector<std::string>& cert_san_dns_names, 511 const std::vector<std::string>& cert_san_ip_addrs, 512 bool* common_name_fallback_used) { 513 DCHECK(!hostname.empty()); 514 // Perform name verification following http://tools.ietf.org/html/rfc6125. 515 // The terminology used in this method is as per that RFC:- 516 // Reference identifier == the host the local user/agent is intending to 517 // access, i.e. the thing displayed in the URL bar. 518 // Presented identifier(s) == name(s) the server knows itself as, in its cert. 519 520 // CanonicalizeHost requires surrounding brackets to parse an IPv6 address. 521 const std::string host_or_ip = hostname.find(':') != std::string::npos ? 522 "[" + hostname + "]" : hostname; 523 url::CanonHostInfo host_info; 524 std::string reference_name = CanonicalizeHost(host_or_ip, &host_info); 525 // CanonicalizeHost does not normalize absolute vs relative DNS names. If 526 // the input name was absolute (included trailing .), normalize it as if it 527 // was relative. 528 if (!reference_name.empty() && *reference_name.rbegin() == '.') 529 reference_name.resize(reference_name.size() - 1); 530 if (reference_name.empty()) 531 return false; 532 533 // Allow fallback to Common name matching? 534 const bool common_name_fallback = cert_san_dns_names.empty() && 535 cert_san_ip_addrs.empty(); 536 *common_name_fallback_used = common_name_fallback; 537 538 // Fully handle all cases where |hostname| contains an IP address. 539 if (host_info.IsIPAddress()) { 540 if (common_name_fallback && host_info.family == url::CanonHostInfo::IPV4) { 541 // Fallback to Common name matching. As this is deprecated and only 542 // supported for compatibility refuse it for IPv6 addresses. 543 return reference_name == cert_common_name; 544 } 545 base::StringPiece ip_addr_string( 546 reinterpret_cast<const char*>(host_info.address), 547 host_info.AddressLength()); 548 return std::find(cert_san_ip_addrs.begin(), cert_san_ip_addrs.end(), 549 ip_addr_string) != cert_san_ip_addrs.end(); 550 } 551 552 // |reference_domain| is the remainder of |host| after the leading host 553 // component is stripped off, but includes the leading dot e.g. 554 // "www.f.com" -> ".f.com". 555 // If there is no meaningful domain part to |host| (e.g. it contains no dots) 556 // then |reference_domain| will be empty. 557 base::StringPiece reference_host, reference_domain; 558 SplitOnChar(reference_name, '.', &reference_host, &reference_domain); 559 bool allow_wildcards = false; 560 if (!reference_domain.empty()) { 561 DCHECK(reference_domain.starts_with(".")); 562 563 // Do not allow wildcards for public/ICANN registry controlled domains - 564 // that is, prevent *.com or *.co.uk as valid presented names, but do not 565 // prevent *.appspot.com (a private registry controlled domain). 566 // In addition, unknown top-level domains (such as 'intranet' domains or 567 // new TLDs/gTLDs not yet added to the registry controlled domain dataset) 568 // are also implicitly prevented. 569 // Because |reference_domain| must contain at least one name component that 570 // is not registry controlled, this ensures that all reference domains 571 // contain at least three domain components when using wildcards. 572 size_t registry_length = 573 registry_controlled_domains::GetRegistryLength( 574 reference_name, 575 registry_controlled_domains::INCLUDE_UNKNOWN_REGISTRIES, 576 registry_controlled_domains::EXCLUDE_PRIVATE_REGISTRIES); 577 578 // Because |reference_name| was already canonicalized, the following 579 // should never happen. 580 CHECK_NE(std::string::npos, registry_length); 581 582 // Account for the leading dot in |reference_domain|. 583 bool is_registry_controlled = 584 registry_length != 0 && 585 registry_length == (reference_domain.size() - 1); 586 587 // Additionally, do not attempt wildcard matching for purely numeric 588 // hostnames. 589 allow_wildcards = 590 !is_registry_controlled && 591 reference_name.find_first_not_of("0123456789.") != std::string::npos; 592 } 593 594 // Now step through the DNS names doing wild card comparison (if necessary) 595 // on each against the reference name. If subjectAltName is empty, then 596 // fallback to use the common name instead. 597 std::vector<std::string> common_name_as_vector; 598 const std::vector<std::string>* presented_names = &cert_san_dns_names; 599 if (common_name_fallback) { 600 // Note: there's a small possibility cert_common_name is an international 601 // domain name in non-standard encoding (e.g. UTF8String or BMPString 602 // instead of A-label). As common name fallback is deprecated we're not 603 // doing anything specific to deal with this. 604 common_name_as_vector.push_back(cert_common_name); 605 presented_names = &common_name_as_vector; 606 } 607 for (std::vector<std::string>::const_iterator it = 608 presented_names->begin(); 609 it != presented_names->end(); ++it) { 610 // Catch badly corrupt cert names up front. 611 if (it->empty() || it->find('\0') != std::string::npos) { 612 DVLOG(1) << "Bad name in cert: " << *it; 613 continue; 614 } 615 std::string presented_name(base::StringToLowerASCII(*it)); 616 617 // Remove trailing dot, if any. 618 if (*presented_name.rbegin() == '.') 619 presented_name.resize(presented_name.length() - 1); 620 621 // The hostname must be at least as long as the cert name it is matching, 622 // as we require the wildcard (if present) to match at least one character. 623 if (presented_name.length() > reference_name.length()) 624 continue; 625 626 base::StringPiece presented_host, presented_domain; 627 SplitOnChar(presented_name, '.', &presented_host, &presented_domain); 628 629 if (presented_domain != reference_domain) 630 continue; 631 632 base::StringPiece pattern_begin, pattern_end; 633 SplitOnChar(presented_host, '*', &pattern_begin, &pattern_end); 634 635 if (pattern_end.empty()) { // No '*' in the presented_host 636 if (presented_host == reference_host) 637 return true; 638 continue; 639 } 640 pattern_end.remove_prefix(1); // move past the * 641 642 if (!allow_wildcards) 643 continue; 644 645 // * must not match a substring of an IDN A label; just a whole fragment. 646 if (reference_host.starts_with("xn--") && 647 !(pattern_begin.empty() && pattern_end.empty())) 648 continue; 649 650 if (reference_host.starts_with(pattern_begin) && 651 reference_host.ends_with(pattern_end)) 652 return true; 653 } 654 return false; 655 } 656 657 bool X509Certificate::VerifyNameMatch(const std::string& hostname, 658 bool* common_name_fallback_used) const { 659 std::vector<std::string> dns_names, ip_addrs; 660 GetSubjectAltName(&dns_names, &ip_addrs); 661 return VerifyHostname(hostname, subject_.common_name, dns_names, ip_addrs, 662 common_name_fallback_used); 663 } 664 665 // static 666 bool X509Certificate::GetPEMEncodedFromDER(const std::string& der_encoded, 667 std::string* pem_encoded) { 668 if (der_encoded.empty()) 669 return false; 670 std::string b64_encoded; 671 base::Base64Encode(der_encoded, &b64_encoded); 672 *pem_encoded = "-----BEGIN CERTIFICATE-----\n"; 673 674 // Divide the Base-64 encoded data into 64-character chunks, as per 675 // 4.3.2.4 of RFC 1421. 676 static const size_t kChunkSize = 64; 677 size_t chunks = (b64_encoded.size() + (kChunkSize - 1)) / kChunkSize; 678 for (size_t i = 0, chunk_offset = 0; i < chunks; 679 ++i, chunk_offset += kChunkSize) { 680 pem_encoded->append(b64_encoded, chunk_offset, kChunkSize); 681 pem_encoded->append("\n"); 682 } 683 pem_encoded->append("-----END CERTIFICATE-----\n"); 684 return true; 685 } 686 687 // static 688 bool X509Certificate::GetPEMEncoded(OSCertHandle cert_handle, 689 std::string* pem_encoded) { 690 std::string der_encoded; 691 if (!GetDEREncoded(cert_handle, &der_encoded)) 692 return false; 693 return GetPEMEncodedFromDER(der_encoded, pem_encoded); 694 } 695 696 bool X509Certificate::GetPEMEncodedChain( 697 std::vector<std::string>* pem_encoded) const { 698 std::vector<std::string> encoded_chain; 699 std::string pem_data; 700 if (!GetPEMEncoded(os_cert_handle(), &pem_data)) 701 return false; 702 encoded_chain.push_back(pem_data); 703 for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i) { 704 if (!GetPEMEncoded(intermediate_ca_certs_[i], &pem_data)) 705 return false; 706 encoded_chain.push_back(pem_data); 707 } 708 pem_encoded->swap(encoded_chain); 709 return true; 710 } 711 712 // static 713 SHA256HashValue X509Certificate::CalculateCAFingerprint256( 714 const OSCertHandles& intermediates) { 715 SHA256HashValue sha256; 716 memset(sha256.data, 0, sizeof(sha256.data)); 717 718 scoped_ptr<crypto::SecureHash> hash( 719 crypto::SecureHash::Create(crypto::SecureHash::SHA256)); 720 721 for (size_t i = 0; i < intermediates.size(); ++i) { 722 std::string der_encoded; 723 if (!GetDEREncoded(intermediates[i], &der_encoded)) 724 return sha256; 725 hash->Update(der_encoded.data(), der_encoded.length()); 726 } 727 hash->Finish(sha256.data, sizeof(sha256.data)); 728 729 return sha256; 730 } 731 732 // static 733 SHA256HashValue X509Certificate::CalculateChainFingerprint256( 734 OSCertHandle leaf, 735 const OSCertHandles& intermediates) { 736 OSCertHandles chain; 737 chain.push_back(leaf); 738 chain.insert(chain.end(), intermediates.begin(), intermediates.end()); 739 740 return CalculateCAFingerprint256(chain); 741 } 742 743 X509Certificate::X509Certificate(OSCertHandle cert_handle, 744 const OSCertHandles& intermediates) 745 : cert_handle_(DupOSCertHandle(cert_handle)) { 746 InsertOrUpdateCache(&cert_handle_); 747 for (size_t i = 0; i < intermediates.size(); ++i) { 748 // Duplicate the incoming certificate, as the caller retains ownership 749 // of |intermediates|. 750 OSCertHandle intermediate = DupOSCertHandle(intermediates[i]); 751 // Update the cache, which will assume ownership of the duplicated 752 // handle and return a suitable equivalent, potentially from the cache. 753 InsertOrUpdateCache(&intermediate); 754 intermediate_ca_certs_.push_back(intermediate); 755 } 756 // Platform-specific initialization. 757 Initialize(); 758 } 759 760 X509Certificate::~X509Certificate() { 761 if (cert_handle_) { 762 RemoveFromCache(cert_handle_); 763 FreeOSCertHandle(cert_handle_); 764 } 765 for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i) { 766 RemoveFromCache(intermediate_ca_certs_[i]); 767 FreeOSCertHandle(intermediate_ca_certs_[i]); 768 } 769 } 770 771 } // namespace net 772
