1 // Copyright 2012 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/cert/x509_certificate.h"
6
7 #include <limits.h>
8 #include <stdlib.h>
9
10 #include <memory>
11 #include <string>
12 #include <vector>
13
14 #include "base/base64.h"
15 #include "base/containers/contains.h"
16 #include "base/containers/span.h"
17 #include "base/logging.h"
18 #include "base/numerics/safe_conversions.h"
19 #include "base/pickle.h"
20 #include "base/strings/string_piece.h"
21 #include "base/strings/string_util.h"
22 #include "base/time/time.h"
23 #include "build/build_config.h"
24 #include "crypto/openssl_util.h"
25 #include "net/base/ip_address.h"
26 #include "net/base/registry_controlled_domains/registry_controlled_domain.h"
27 #include "net/base/tracing.h"
28 #include "net/base/url_util.h"
29 #include "net/cert/asn1_util.h"
30 #include "net/cert/pem.h"
31 #include "net/cert/pki/cert_errors.h"
32 #include "net/cert/pki/name_constraints.h"
33 #include "net/cert/pki/parsed_certificate.h"
34 #include "net/cert/pki/signature_algorithm.h"
35 #include "net/cert/pki/verify_certificate_chain.h"
36 #include "net/cert/pki/verify_name_match.h"
37 #include "net/cert/pki/verify_signed_data.h"
38 #include "net/cert/x509_util.h"
39 #include "net/der/encode_values.h"
40 #include "net/der/parser.h"
41 #include "net/dns/dns_util.h"
42 #include "third_party/boringssl/src/include/openssl/evp.h"
43 #include "third_party/boringssl/src/include/openssl/pool.h"
44 #include "third_party/boringssl/src/include/openssl/sha.h"
45 #include "url/url_canon.h"
46
47 namespace net {
48
49 namespace {
50
51 // Indicates the order to use when trying to decode binary data, which is
52 // based on (speculation) as to what will be most common -> least common
53 const X509Certificate::Format kFormatDecodePriority[] = {
54 X509Certificate::FORMAT_SINGLE_CERTIFICATE,
55 X509Certificate::FORMAT_PKCS7
56 };
57
58 // The PEM block header used for DER certificates
59 const char kCertificateHeader[] = "CERTIFICATE";
60 // The PEM block header used for PKCS#7 data
61 const char kPKCS7Header[] = "PKCS7";
62
63 // Utility to split |src| on the first occurrence of |c|, if any. |right| will
64 // either be empty if |c| was not found, or will contain the remainder of the
65 // string including the split character itself.
SplitOnChar(base::StringPiece src,char c,base::StringPiece * left,base::StringPiece * right)66 void SplitOnChar(base::StringPiece src,
67 char c,
68 base::StringPiece* left,
69 base::StringPiece* right) {
70 size_t pos = src.find(c);
71 if (pos == base::StringPiece::npos) {
72 *left = src;
73 *right = base::StringPiece();
74 } else {
75 *left = src.substr(0, pos);
76 *right = src.substr(pos);
77 }
78 }
79
80 // Sets |value| to the Value from a DER Sequence Tag-Length-Value and return
81 // true, or return false if the TLV was not a valid DER Sequence.
ParseSequenceValue(const der::Input & tlv,der::Input * value)82 [[nodiscard]] bool ParseSequenceValue(const der::Input& tlv,
83 der::Input* value) {
84 der::Parser parser(tlv);
85 return parser.ReadTag(der::kSequence, value) && !parser.HasMore();
86 }
87
88 // Normalize |cert|'s Issuer and store it in |out_normalized_issuer|, returning
89 // true on success or false if there was a parsing error.
GetNormalizedCertIssuer(CRYPTO_BUFFER * cert,std::string * out_normalized_issuer)90 bool GetNormalizedCertIssuer(CRYPTO_BUFFER* cert,
91 std::string* out_normalized_issuer) {
92 der::Input tbs_certificate_tlv;
93 der::Input signature_algorithm_tlv;
94 der::BitString signature_value;
95 if (!ParseCertificate(
96 der::Input(CRYPTO_BUFFER_data(cert), CRYPTO_BUFFER_len(cert)),
97 &tbs_certificate_tlv, &signature_algorithm_tlv, &signature_value,
98 nullptr)) {
99 return false;
100 }
101 ParsedTbsCertificate tbs;
102 if (!ParseTbsCertificate(tbs_certificate_tlv,
103 x509_util::DefaultParseCertificateOptions(), &tbs,
104 nullptr))
105 return false;
106
107 der::Input issuer_value;
108 if (!ParseSequenceValue(tbs.issuer_tlv, &issuer_value))
109 return false;
110
111 CertErrors errors;
112 return NormalizeName(issuer_value, out_normalized_issuer, &errors);
113 }
114
CreateCertBufferFromBytesWithSanityCheck(base::span<const uint8_t> data)115 bssl::UniquePtr<CRYPTO_BUFFER> CreateCertBufferFromBytesWithSanityCheck(
116 base::span<const uint8_t> data) {
117 der::Input tbs_certificate_tlv;
118 der::Input signature_algorithm_tlv;
119 der::BitString signature_value;
120 // Do a bare minimum of DER parsing here to see if the input looks
121 // certificate-ish.
122 if (!ParseCertificate(der::Input(data.data(), data.size()),
123 &tbs_certificate_tlv, &signature_algorithm_tlv,
124 &signature_value, nullptr)) {
125 return nullptr;
126 }
127 return x509_util::CreateCryptoBuffer(data);
128 }
129
130 } // namespace
131
132 // static
CreateFromBuffer(bssl::UniquePtr<CRYPTO_BUFFER> cert_buffer,std::vector<bssl::UniquePtr<CRYPTO_BUFFER>> intermediates)133 scoped_refptr<X509Certificate> X509Certificate::CreateFromBuffer(
134 bssl::UniquePtr<CRYPTO_BUFFER> cert_buffer,
135 std::vector<bssl::UniquePtr<CRYPTO_BUFFER>> intermediates) {
136 DCHECK(cert_buffer);
137 auto cert = base::WrapRefCounted(
138 new X509Certificate(std::move(cert_buffer), std::move(intermediates)));
139 if (!cert->cert_buffer())
140 return nullptr; // Initialize() failed.
141 return cert;
142 }
143
144 // static
CreateFromBufferUnsafeOptions(bssl::UniquePtr<CRYPTO_BUFFER> cert_buffer,std::vector<bssl::UniquePtr<CRYPTO_BUFFER>> intermediates,UnsafeCreateOptions options)145 scoped_refptr<X509Certificate> X509Certificate::CreateFromBufferUnsafeOptions(
146 bssl::UniquePtr<CRYPTO_BUFFER> cert_buffer,
147 std::vector<bssl::UniquePtr<CRYPTO_BUFFER>> intermediates,
148 UnsafeCreateOptions options) {
149 DCHECK(cert_buffer);
150 auto cert = base::WrapRefCounted(new X509Certificate(
151 std::move(cert_buffer), std::move(intermediates), options));
152 if (!cert->cert_buffer())
153 return nullptr; // Initialize() failed.
154 return cert;
155 }
156
157 // static
CreateFromDERCertChain(const std::vector<base::StringPiece> & der_certs)158 scoped_refptr<X509Certificate> X509Certificate::CreateFromDERCertChain(
159 const std::vector<base::StringPiece>& der_certs) {
160 return CreateFromDERCertChainUnsafeOptions(der_certs, {});
161 }
162
163 // static
164 scoped_refptr<X509Certificate>
CreateFromDERCertChainUnsafeOptions(const std::vector<base::StringPiece> & der_certs,UnsafeCreateOptions options)165 X509Certificate::CreateFromDERCertChainUnsafeOptions(
166 const std::vector<base::StringPiece>& der_certs,
167 UnsafeCreateOptions options) {
168 TRACE_EVENT0("io", "X509Certificate::CreateFromDERCertChain");
169 if (der_certs.empty())
170 return nullptr;
171
172 std::vector<bssl::UniquePtr<CRYPTO_BUFFER>> intermediate_ca_certs;
173 intermediate_ca_certs.reserve(der_certs.size() - 1);
174 for (size_t i = 1; i < der_certs.size(); i++) {
175 intermediate_ca_certs.push_back(
176 x509_util::CreateCryptoBuffer(der_certs[i]));
177 }
178
179 return CreateFromBufferUnsafeOptions(
180 x509_util::CreateCryptoBuffer(der_certs[0]),
181 std::move(intermediate_ca_certs), options);
182 }
183
184 // static
CreateFromBytes(base::span<const uint8_t> data)185 scoped_refptr<X509Certificate> X509Certificate::CreateFromBytes(
186 base::span<const uint8_t> data) {
187 return CreateFromBytesUnsafeOptions(data, {});
188 }
189
190 // static
CreateFromBytesUnsafeOptions(base::span<const uint8_t> data,UnsafeCreateOptions options)191 scoped_refptr<X509Certificate> X509Certificate::CreateFromBytesUnsafeOptions(
192 base::span<const uint8_t> data,
193 UnsafeCreateOptions options) {
194 scoped_refptr<X509Certificate> cert = CreateFromBufferUnsafeOptions(
195 x509_util::CreateCryptoBuffer(data), {}, options);
196 return cert;
197 }
198
199 // static
CreateFromPickle(base::PickleIterator * pickle_iter)200 scoped_refptr<X509Certificate> X509Certificate::CreateFromPickle(
201 base::PickleIterator* pickle_iter) {
202 return CreateFromPickleUnsafeOptions(pickle_iter, {});
203 }
204
205 // static
CreateFromPickleUnsafeOptions(base::PickleIterator * pickle_iter,UnsafeCreateOptions options)206 scoped_refptr<X509Certificate> X509Certificate::CreateFromPickleUnsafeOptions(
207 base::PickleIterator* pickle_iter,
208 UnsafeCreateOptions options) {
209 size_t chain_length = 0;
210 if (!pickle_iter->ReadLength(&chain_length))
211 return nullptr;
212
213 std::vector<base::StringPiece> cert_chain;
214 const char* data = nullptr;
215 size_t data_length = 0;
216 for (size_t i = 0; i < chain_length; ++i) {
217 if (!pickle_iter->ReadData(&data, &data_length))
218 return nullptr;
219 cert_chain.emplace_back(data, data_length);
220 }
221 return CreateFromDERCertChainUnsafeOptions(cert_chain, options);
222 }
223
224 // static
CreateCertificateListFromBytes(base::span<const uint8_t> data,int format)225 CertificateList X509Certificate::CreateCertificateListFromBytes(
226 base::span<const uint8_t> data,
227 int format) {
228 std::vector<bssl::UniquePtr<CRYPTO_BUFFER>> certificates;
229
230 // Check to see if it is in a PEM-encoded form. This check is performed
231 // first, as both OS X and NSS will both try to convert if they detect
232 // PEM encoding, except they don't do it consistently between the two.
233 base::StringPiece data_string(reinterpret_cast<const char*>(data.data()),
234 data.size());
235 std::vector<std::string> pem_headers;
236
237 // To maintain compatibility with NSS/Firefox, CERTIFICATE is a universally
238 // valid PEM block header for any format.
239 pem_headers.push_back(kCertificateHeader);
240 if (format & FORMAT_PKCS7)
241 pem_headers.push_back(kPKCS7Header);
242
243 PEMTokenizer pem_tokenizer(data_string, pem_headers);
244 while (pem_tokenizer.GetNext()) {
245 std::string decoded(pem_tokenizer.data());
246
247 bssl::UniquePtr<CRYPTO_BUFFER> handle;
248 if (format & FORMAT_PEM_CERT_SEQUENCE) {
249 handle = CreateCertBufferFromBytesWithSanityCheck(
250 base::as_bytes(base::make_span(decoded)));
251 }
252 if (handle) {
253 // Parsed a DER encoded certificate. All PEM blocks that follow must
254 // also be DER encoded certificates wrapped inside of PEM blocks.
255 format = FORMAT_PEM_CERT_SEQUENCE;
256 certificates.push_back(std::move(handle));
257 continue;
258 }
259
260 // If the first block failed to parse as a DER certificate, and
261 // formats other than PEM are acceptable, check to see if the decoded
262 // data is one of the accepted formats.
263 if (format & ~FORMAT_PEM_CERT_SEQUENCE) {
264 for (size_t i = 0;
265 certificates.empty() && i < std::size(kFormatDecodePriority); ++i) {
266 if (format & kFormatDecodePriority[i]) {
267 certificates = CreateCertBuffersFromBytes(
268 base::as_bytes(base::make_span(decoded)),
269 kFormatDecodePriority[i]);
270 }
271 }
272 }
273
274 // Stop parsing after the first block for any format but a sequence of
275 // PEM-encoded DER certificates. The case of FORMAT_PEM_CERT_SEQUENCE
276 // is handled above, and continues processing until a certificate fails
277 // to parse.
278 break;
279 }
280
281 // Try each of the formats, in order of parse preference, to see if |data|
282 // contains the binary representation of a Format, if it failed to parse
283 // as a PEM certificate/chain.
284 for (size_t i = 0;
285 certificates.empty() && i < std::size(kFormatDecodePriority); ++i) {
286 if (format & kFormatDecodePriority[i])
287 certificates = CreateCertBuffersFromBytes(data, kFormatDecodePriority[i]);
288 }
289
290 CertificateList results;
291 // No certificates parsed.
292 if (certificates.empty())
293 return results;
294
295 for (auto& it : certificates) {
296 scoped_refptr<X509Certificate> cert = CreateFromBuffer(std::move(it), {});
297 if (cert)
298 results.push_back(std::move(cert));
299 }
300
301 return results;
302 }
303
Persist(base::Pickle * pickle) const304 void X509Certificate::Persist(base::Pickle* pickle) const {
305 DCHECK(cert_buffer_);
306 // This would be an absolutely insane number of intermediates.
307 if (intermediate_ca_certs_.size() > static_cast<size_t>(INT_MAX) - 1) {
308 NOTREACHED();
309 return;
310 }
311 pickle->WriteInt(static_cast<int>(intermediate_ca_certs_.size() + 1));
312 pickle->WriteString(x509_util::CryptoBufferAsStringPiece(cert_buffer_.get()));
313 for (const auto& intermediate : intermediate_ca_certs_) {
314 pickle->WriteString(
315 x509_util::CryptoBufferAsStringPiece(intermediate.get()));
316 }
317 }
318
GetSubjectAltName(std::vector<std::string> * dns_names,std::vector<std::string> * ip_addrs) const319 bool X509Certificate::GetSubjectAltName(
320 std::vector<std::string>* dns_names,
321 std::vector<std::string>* ip_addrs) const {
322 if (dns_names)
323 dns_names->clear();
324 if (ip_addrs)
325 ip_addrs->clear();
326
327 der::Input tbs_certificate_tlv;
328 der::Input signature_algorithm_tlv;
329 der::BitString signature_value;
330 if (!ParseCertificate(der::Input(CRYPTO_BUFFER_data(cert_buffer_.get()),
331 CRYPTO_BUFFER_len(cert_buffer_.get())),
332 &tbs_certificate_tlv, &signature_algorithm_tlv,
333 &signature_value, nullptr)) {
334 return false;
335 }
336
337 ParsedTbsCertificate tbs;
338 if (!ParseTbsCertificate(tbs_certificate_tlv,
339 x509_util::DefaultParseCertificateOptions(), &tbs,
340 nullptr))
341 return false;
342 if (!tbs.extensions_tlv)
343 return false;
344
345 std::map<der::Input, ParsedExtension> extensions;
346 if (!ParseExtensions(tbs.extensions_tlv.value(), &extensions))
347 return false;
348
349 ParsedExtension subject_alt_names_extension;
350 if (!ConsumeExtension(der::Input(kSubjectAltNameOid), &extensions,
351 &subject_alt_names_extension)) {
352 return false;
353 }
354
355 CertErrors errors;
356 std::unique_ptr<GeneralNames> subject_alt_names =
357 GeneralNames::Create(subject_alt_names_extension.value, &errors);
358 if (!subject_alt_names)
359 return false;
360
361 if (dns_names) {
362 for (const auto& dns_name : subject_alt_names->dns_names)
363 dns_names->push_back(std::string(dns_name));
364 }
365 if (ip_addrs) {
366 for (const IPAddress& addr : subject_alt_names->ip_addresses) {
367 ip_addrs->push_back(
368 std::string(reinterpret_cast<const char*>(addr.bytes().data()),
369 addr.bytes().size()));
370 }
371 }
372
373 return !subject_alt_names->dns_names.empty() ||
374 !subject_alt_names->ip_addresses.empty();
375 }
376
HasExpired() const377 bool X509Certificate::HasExpired() const {
378 return base::Time::Now() > valid_expiry();
379 }
380
EqualsExcludingChain(const X509Certificate * other) const381 bool X509Certificate::EqualsExcludingChain(const X509Certificate* other) const {
382 return x509_util::CryptoBufferEqual(cert_buffer_.get(),
383 other->cert_buffer_.get());
384 }
385
EqualsIncludingChain(const X509Certificate * other) const386 bool X509Certificate::EqualsIncludingChain(const X509Certificate* other) const {
387 if (intermediate_ca_certs_.size() != other->intermediate_ca_certs_.size() ||
388 !EqualsExcludingChain(other)) {
389 return false;
390 }
391 for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i) {
392 if (!x509_util::CryptoBufferEqual(intermediate_ca_certs_[i].get(),
393 other->intermediate_ca_certs_[i].get())) {
394 return false;
395 }
396 }
397 return true;
398 }
399
IsIssuedByEncoded(const std::vector<std::string> & valid_issuers) const400 bool X509Certificate::IsIssuedByEncoded(
401 const std::vector<std::string>& valid_issuers) const {
402 std::vector<std::string> normalized_issuers;
403 CertErrors errors;
404 for (const auto& raw_issuer : valid_issuers) {
405 der::Input issuer_value;
406 std::string normalized_issuer;
407 if (!ParseSequenceValue(der::Input(&raw_issuer), &issuer_value) ||
408 !NormalizeName(issuer_value, &normalized_issuer, &errors)) {
409 continue;
410 }
411 normalized_issuers.push_back(std::move(normalized_issuer));
412 }
413
414 std::string normalized_cert_issuer;
415 if (!GetNormalizedCertIssuer(cert_buffer_.get(), &normalized_cert_issuer))
416 return false;
417 if (base::Contains(normalized_issuers, normalized_cert_issuer))
418 return true;
419
420 for (const auto& intermediate : intermediate_ca_certs_) {
421 if (!GetNormalizedCertIssuer(intermediate.get(), &normalized_cert_issuer))
422 return false;
423 if (base::Contains(normalized_issuers, normalized_cert_issuer))
424 return true;
425 }
426 return false;
427 }
428
429 // static
VerifyHostname(const std::string & hostname,const std::vector<std::string> & cert_san_dns_names,const std::vector<std::string> & cert_san_ip_addrs)430 bool X509Certificate::VerifyHostname(
431 const std::string& hostname,
432 const std::vector<std::string>& cert_san_dns_names,
433 const std::vector<std::string>& cert_san_ip_addrs) {
434 DCHECK(!hostname.empty());
435
436 if (cert_san_dns_names.empty() && cert_san_ip_addrs.empty()) {
437 // Either a dNSName or iPAddress subjectAltName MUST be present in order
438 // to match, so fail quickly if not.
439 return false;
440 }
441
442 // Perform name verification following http://tools.ietf.org/html/rfc6125.
443 // The terminology used in this method is as per that RFC:-
444 // Reference identifier == the host the local user/agent is intending to
445 // access, i.e. the thing displayed in the URL bar.
446 // Presented identifier(s) == name(s) the server knows itself as, in its cert.
447
448 // CanonicalizeHost requires surrounding brackets to parse an IPv6 address.
449 const std::string host_or_ip = hostname.find(':') != std::string::npos ?
450 "[" + hostname + "]" : hostname;
451 url::CanonHostInfo host_info;
452 std::string reference_name = CanonicalizeHost(host_or_ip, &host_info);
453
454 // If the host cannot be canonicalized, fail fast.
455 if (reference_name.empty())
456 return false;
457
458 // Fully handle all cases where |hostname| contains an IP address.
459 if (host_info.IsIPAddress()) {
460 base::StringPiece ip_addr_string(
461 reinterpret_cast<const char*>(host_info.address),
462 host_info.AddressLength());
463 return base::Contains(cert_san_ip_addrs, ip_addr_string);
464 }
465
466 // The host portion of a URL may support a variety of name resolution formats
467 // and services. However, the only supported name types in this code are IP
468 // addresses, which have been handled above via iPAddress subjectAltNames,
469 // and DNS names, via dNSName subjectAltNames.
470 // Validate that the host conforms to the DNS preferred name syntax, in
471 // either relative or absolute form, and exclude the "root" label for DNS.
472 if (reference_name == "." || !IsCanonicalizedHostCompliant(reference_name))
473 return false;
474
475 // CanonicalizeHost does not normalize absolute vs relative DNS names. If
476 // the input name was absolute (included trailing .), normalize it as if it
477 // was relative.
478 if (reference_name.back() == '.')
479 reference_name.pop_back();
480
481 // |reference_domain| is the remainder of |host| after the leading host
482 // component is stripped off, but includes the leading dot e.g.
483 // "www.f.com" -> ".f.com".
484 // If there is no meaningful domain part to |host| (e.g. it contains no dots)
485 // then |reference_domain| will be empty.
486 base::StringPiece reference_host, reference_domain;
487 SplitOnChar(reference_name, '.', &reference_host, &reference_domain);
488 bool allow_wildcards = false;
489 if (!reference_domain.empty()) {
490 DCHECK(base::StartsWith(reference_domain, "."));
491
492 // Do not allow wildcards for public/ICANN registry controlled domains -
493 // that is, prevent *.com or *.co.uk as valid presented names, but do not
494 // prevent *.appspot.com (a private registry controlled domain).
495 // In addition, unknown top-level domains (such as 'intranet' domains or
496 // new TLDs/gTLDs not yet added to the registry controlled domain dataset)
497 // are also implicitly prevented.
498 // Because |reference_domain| must contain at least one name component that
499 // is not registry controlled, this ensures that all reference domains
500 // contain at least three domain components when using wildcards.
501 size_t registry_length =
502 registry_controlled_domains::GetCanonicalHostRegistryLength(
503 reference_name,
504 registry_controlled_domains::INCLUDE_UNKNOWN_REGISTRIES,
505 registry_controlled_domains::EXCLUDE_PRIVATE_REGISTRIES);
506
507 // Because |reference_name| was already canonicalized, the following
508 // should never happen.
509 CHECK_NE(std::string::npos, registry_length);
510
511 // Account for the leading dot in |reference_domain|.
512 bool is_registry_controlled =
513 registry_length != 0 &&
514 registry_length == (reference_domain.size() - 1);
515
516 // Additionally, do not attempt wildcard matching for purely numeric
517 // hostnames.
518 allow_wildcards =
519 !is_registry_controlled &&
520 reference_name.find_first_not_of("0123456789.") != std::string::npos;
521 }
522
523 // Now step through the DNS names doing wild card comparison (if necessary)
524 // on each against the reference name.
525 for (const auto& cert_san_dns_name : cert_san_dns_names) {
526 // Catch badly corrupt cert names up front.
527 if (cert_san_dns_name.empty() ||
528 cert_san_dns_name.find('\0') != std::string::npos) {
529 continue;
530 }
531 std::string presented_name(base::ToLowerASCII(cert_san_dns_name));
532
533 // Remove trailing dot, if any.
534 if (*presented_name.rbegin() == '.')
535 presented_name.resize(presented_name.length() - 1);
536
537 // The hostname must be at least as long as the cert name it is matching,
538 // as we require the wildcard (if present) to match at least one character.
539 if (presented_name.length() > reference_name.length())
540 continue;
541
542 base::StringPiece presented_host, presented_domain;
543 SplitOnChar(presented_name, '.', &presented_host, &presented_domain);
544
545 if (presented_domain != reference_domain)
546 continue;
547
548 if (presented_host != "*") {
549 if (presented_host == reference_host)
550 return true;
551 continue;
552 }
553
554 if (!allow_wildcards)
555 continue;
556
557 return true;
558 }
559 return false;
560 }
561
VerifyNameMatch(const std::string & hostname) const562 bool X509Certificate::VerifyNameMatch(const std::string& hostname) const {
563 std::vector<std::string> dns_names, ip_addrs;
564 GetSubjectAltName(&dns_names, &ip_addrs);
565 return VerifyHostname(hostname, dns_names, ip_addrs);
566 }
567
568 // static
GetPEMEncodedFromDER(base::StringPiece der_encoded,std::string * pem_encoded)569 bool X509Certificate::GetPEMEncodedFromDER(base::StringPiece der_encoded,
570 std::string* pem_encoded) {
571 if (der_encoded.empty())
572 return false;
573
574 *pem_encoded = PEMEncode(der_encoded, "CERTIFICATE");
575 return true;
576 }
577
578 // static
GetPEMEncoded(const CRYPTO_BUFFER * cert_buffer,std::string * pem_encoded)579 bool X509Certificate::GetPEMEncoded(const CRYPTO_BUFFER* cert_buffer,
580 std::string* pem_encoded) {
581 return GetPEMEncodedFromDER(x509_util::CryptoBufferAsStringPiece(cert_buffer),
582 pem_encoded);
583 }
584
GetPEMEncodedChain(std::vector<std::string> * pem_encoded) const585 bool X509Certificate::GetPEMEncodedChain(
586 std::vector<std::string>* pem_encoded) const {
587 std::vector<std::string> encoded_chain;
588 std::string pem_data;
589 if (!GetPEMEncoded(cert_buffer(), &pem_data))
590 return false;
591 encoded_chain.push_back(pem_data);
592 for (const auto& intermediate_ca_cert : intermediate_ca_certs_) {
593 if (!GetPEMEncoded(intermediate_ca_cert.get(), &pem_data))
594 return false;
595 encoded_chain.push_back(pem_data);
596 }
597 pem_encoded->swap(encoded_chain);
598 return true;
599 }
600
601 // static
GetPublicKeyInfo(const CRYPTO_BUFFER * cert_buffer,size_t * size_bits,PublicKeyType * type)602 void X509Certificate::GetPublicKeyInfo(const CRYPTO_BUFFER* cert_buffer,
603 size_t* size_bits,
604 PublicKeyType* type) {
605 *type = kPublicKeyTypeUnknown;
606 *size_bits = 0;
607
608 base::StringPiece spki;
609 if (!asn1::ExtractSPKIFromDERCert(
610 base::StringPiece(
611 reinterpret_cast<const char*>(CRYPTO_BUFFER_data(cert_buffer)),
612 CRYPTO_BUFFER_len(cert_buffer)),
613 &spki)) {
614 return;
615 }
616
617 bssl::UniquePtr<EVP_PKEY> pkey;
618 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
619 CBS cbs;
620 CBS_init(&cbs, reinterpret_cast<const uint8_t*>(spki.data()), spki.size());
621 pkey.reset(EVP_parse_public_key(&cbs));
622 if (!pkey)
623 return;
624
625 switch (EVP_PKEY_id(pkey.get())) {
626 case EVP_PKEY_RSA:
627 *type = kPublicKeyTypeRSA;
628 break;
629 case EVP_PKEY_DSA:
630 *type = kPublicKeyTypeDSA;
631 break;
632 case EVP_PKEY_EC:
633 *type = kPublicKeyTypeECDSA;
634 break;
635 case EVP_PKEY_DH:
636 *type = kPublicKeyTypeDH;
637 break;
638 }
639 *size_bits = base::saturated_cast<size_t>(EVP_PKEY_bits(pkey.get()));
640 }
641
642 // static
643 std::vector<bssl::UniquePtr<CRYPTO_BUFFER>>
CreateCertBuffersFromBytes(base::span<const uint8_t> data,Format format)644 X509Certificate::CreateCertBuffersFromBytes(base::span<const uint8_t> data,
645 Format format) {
646 std::vector<bssl::UniquePtr<CRYPTO_BUFFER>> results;
647
648 switch (format) {
649 case FORMAT_SINGLE_CERTIFICATE: {
650 bssl::UniquePtr<CRYPTO_BUFFER> handle =
651 CreateCertBufferFromBytesWithSanityCheck(data);
652 if (handle)
653 results.push_back(std::move(handle));
654 break;
655 }
656 case FORMAT_PKCS7: {
657 x509_util::CreateCertBuffersFromPKCS7Bytes(data, &results);
658 break;
659 }
660 default: {
661 NOTREACHED() << "Certificate format " << format << " unimplemented";
662 break;
663 }
664 }
665
666 return results;
667 }
668
669 // static
CalculateFingerprint256(const CRYPTO_BUFFER * cert)670 SHA256HashValue X509Certificate::CalculateFingerprint256(
671 const CRYPTO_BUFFER* cert) {
672 SHA256HashValue sha256;
673
674 SHA256(CRYPTO_BUFFER_data(cert), CRYPTO_BUFFER_len(cert), sha256.data);
675 return sha256;
676 }
677
CalculateChainFingerprint256() const678 SHA256HashValue X509Certificate::CalculateChainFingerprint256() const {
679 SHA256HashValue sha256;
680 memset(sha256.data, 0, sizeof(sha256.data));
681
682 SHA256_CTX sha256_ctx;
683 SHA256_Init(&sha256_ctx);
684 SHA256_Update(&sha256_ctx, CRYPTO_BUFFER_data(cert_buffer_.get()),
685 CRYPTO_BUFFER_len(cert_buffer_.get()));
686 for (const auto& cert : intermediate_ca_certs_) {
687 SHA256_Update(&sha256_ctx, CRYPTO_BUFFER_data(cert.get()),
688 CRYPTO_BUFFER_len(cert.get()));
689 }
690 SHA256_Final(sha256.data, &sha256_ctx);
691
692 return sha256;
693 }
694
695 // static
IsSelfSigned(CRYPTO_BUFFER * cert_buffer)696 bool X509Certificate::IsSelfSigned(CRYPTO_BUFFER* cert_buffer) {
697 std::shared_ptr<const ParsedCertificate> parsed_cert =
698 ParsedCertificate::Create(bssl::UpRef(cert_buffer),
699 x509_util::DefaultParseCertificateOptions(),
700 /*errors=*/nullptr);
701 if (!parsed_cert) {
702 return false;
703 }
704 return VerifyCertificateIsSelfSigned(*parsed_cert, /*cache=*/nullptr,
705 /*errors=*/nullptr);
706 }
707
X509Certificate(bssl::UniquePtr<CRYPTO_BUFFER> cert_buffer,std::vector<bssl::UniquePtr<CRYPTO_BUFFER>> intermediates)708 X509Certificate::X509Certificate(
709 bssl::UniquePtr<CRYPTO_BUFFER> cert_buffer,
710 std::vector<bssl::UniquePtr<CRYPTO_BUFFER>> intermediates)
711 : X509Certificate(std::move(cert_buffer), std::move(intermediates), {}) {}
712
X509Certificate(bssl::UniquePtr<CRYPTO_BUFFER> cert_buffer,std::vector<bssl::UniquePtr<CRYPTO_BUFFER>> intermediates,UnsafeCreateOptions options)713 X509Certificate::X509Certificate(
714 bssl::UniquePtr<CRYPTO_BUFFER> cert_buffer,
715 std::vector<bssl::UniquePtr<CRYPTO_BUFFER>> intermediates,
716 UnsafeCreateOptions options)
717 : cert_buffer_(std::move(cert_buffer)),
718 intermediate_ca_certs_(std::move(intermediates)) {
719 // Platform-specific initialization.
720 if (!Initialize(options) && cert_buffer_) {
721 // Signal initialization failure by clearing cert_buffer_.
722 cert_buffer_.reset();
723 }
724 }
725
726 X509Certificate::~X509Certificate() = default;
727
Initialize(UnsafeCreateOptions options)728 bool X509Certificate::Initialize(UnsafeCreateOptions options) {
729 der::Input tbs_certificate_tlv;
730 der::Input signature_algorithm_tlv;
731 der::BitString signature_value;
732
733 if (!ParseCertificate(der::Input(CRYPTO_BUFFER_data(cert_buffer_.get()),
734 CRYPTO_BUFFER_len(cert_buffer_.get())),
735 &tbs_certificate_tlv, &signature_algorithm_tlv,
736 &signature_value, nullptr)) {
737 return false;
738 }
739
740 ParsedTbsCertificate tbs;
741 if (!ParseTbsCertificate(tbs_certificate_tlv,
742 x509_util::DefaultParseCertificateOptions(), &tbs,
743 nullptr))
744 return false;
745
746 CertPrincipal::PrintableStringHandling printable_string_handling =
747 options.printable_string_is_utf8
748 ? CertPrincipal::PrintableStringHandling::kAsUTF8Hack
749 : CertPrincipal::PrintableStringHandling::kDefault;
750 if (!subject_.ParseDistinguishedName(tbs.subject_tlv,
751 printable_string_handling) ||
752 !issuer_.ParseDistinguishedName(tbs.issuer_tlv,
753 printable_string_handling)) {
754 return false;
755 }
756
757 if (!der::GeneralizedTimeToTime(tbs.validity_not_before, &valid_start_) ||
758 !der::GeneralizedTimeToTime(tbs.validity_not_after, &valid_expiry_)) {
759 return false;
760 }
761 serial_number_ = tbs.serial_number.AsString();
762 return true;
763 }
764
765 } // namespace net
766