1 /*
2 * Copyright (C) 2010 Apple Inc. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 *
13 * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
14 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
15 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
17 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
18 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
19 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
21 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
22 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
23 * THE POSSIBILITY OF SUCH DAMAGE.
24 */
25
26 #include "config.h"
27 #include "PlatformCertificateInfo.h"
28
29 #include "ArgumentDecoder.h"
30 #include "ArgumentEncoder.h"
31 #include <WebCore/ResourceResponse.h>
32
33 #if USE(CG)
34 #include <WebKitSystemInterface/WebKitSystemInterface.h>
35 #endif
36
37 using namespace WebCore;
38
39 namespace WebKit {
40
PlatformCertificateInfo()41 PlatformCertificateInfo::PlatformCertificateInfo()
42 {
43 }
44
PlatformCertificateInfo(const ResourceResponse & response)45 PlatformCertificateInfo::PlatformCertificateInfo(const ResourceResponse& response)
46 {
47 CFURLResponseRef cfResponse = response.cfURLResponse();
48 if (!cfResponse)
49 return;
50
51 #if USE(CG)
52 CFDictionaryRef certificateInfo = wkGetSSLCertificateInfo(cfResponse);
53 if (!certificateInfo)
54 return;
55
56 void* data = wkGetSSLCertificateChainContext(certificateInfo);
57 if (!data)
58 return;
59
60 PCCERT_CHAIN_CONTEXT chainContext = static_cast<PCCERT_CHAIN_CONTEXT>(data);
61 if (chainContext->cChain < 1)
62 return;
63
64 // The first simple chain starts with the leaf certificate and ends with a trusted root or self-signed certificate.
65 PCERT_SIMPLE_CHAIN firstSimpleChain = chainContext->rgpChain[0];
66 for (unsigned i = 0; i < firstSimpleChain->cElement; ++i) {
67 PCCERT_CONTEXT certificateContext = firstSimpleChain->rgpElement[i]->pCertContext;
68 PCCERT_CONTEXT certificateContextCopy = ::CertDuplicateCertificateContext(certificateContext);
69 m_certificateChain.append(certificateContextCopy);
70 }
71 #else
72 // FIXME: WinCairo implementation
73 #endif
74 }
75
PlatformCertificateInfo(PCCERT_CONTEXT certificateContext)76 PlatformCertificateInfo::PlatformCertificateInfo(PCCERT_CONTEXT certificateContext)
77 {
78 if (!certificateContext)
79 return;
80
81 PCCERT_CONTEXT certificateContextCopy = ::CertDuplicateCertificateContext(certificateContext);
82 m_certificateChain.append(certificateContextCopy);
83 }
84
~PlatformCertificateInfo()85 PlatformCertificateInfo::~PlatformCertificateInfo()
86 {
87 clearCertificateChain();
88 }
89
PlatformCertificateInfo(const PlatformCertificateInfo & other)90 PlatformCertificateInfo::PlatformCertificateInfo(const PlatformCertificateInfo& other)
91 {
92 for (size_t i = 0; i < other.m_certificateChain.size(); ++i) {
93 PCCERT_CONTEXT certificateContextCopy = ::CertDuplicateCertificateContext(other.m_certificateChain[i]);
94 m_certificateChain.append(certificateContextCopy);
95 }
96 }
97
operator =(const PlatformCertificateInfo & other)98 PlatformCertificateInfo& PlatformCertificateInfo::operator=(const PlatformCertificateInfo& other)
99 {
100 clearCertificateChain();
101 for (size_t i = 0; i < other.m_certificateChain.size(); ++i) {
102 PCCERT_CONTEXT certificateContextCopy = ::CertDuplicateCertificateContext(other.m_certificateChain[i]);
103 m_certificateChain.append(certificateContextCopy);
104 }
105 return *this;
106 }
107
encode(CoreIPC::ArgumentEncoder * encoder) const108 void PlatformCertificateInfo::encode(CoreIPC::ArgumentEncoder* encoder) const
109 {
110 // Special case no certificates
111 if (m_certificateChain.isEmpty()) {
112 encoder->encodeUInt64(std::numeric_limits<uint64_t>::max());
113 return;
114 }
115
116 uint64_t length = m_certificateChain.size();
117 encoder->encodeUInt64(length);
118
119 for (size_t i = 0; i < length; ++i)
120 encoder->encodeBytes(static_cast<uint8_t*>(m_certificateChain[i]->pbCertEncoded), m_certificateChain[i]->cbCertEncoded);
121 }
122
decode(CoreIPC::ArgumentDecoder * decoder,PlatformCertificateInfo & c)123 bool PlatformCertificateInfo::decode(CoreIPC::ArgumentDecoder* decoder, PlatformCertificateInfo& c)
124 {
125 uint64_t length;
126 if (!decoder->decode(length))
127 return false;
128
129 if (length == std::numeric_limits<uint64_t>::max()) {
130 // This is the no certificates case.
131 return true;
132 }
133
134 for (size_t i = 0; i < length; ++i) {
135 Vector<uint8_t> bytes;
136 if (!decoder->decodeBytes(bytes)) {
137 c.clearCertificateChain();
138 return false;
139 }
140
141 PCCERT_CONTEXT certificateContext = ::CertCreateCertificateContext(PKCS_7_ASN_ENCODING | X509_ASN_ENCODING, bytes.data(), bytes.size());
142 if (!certificateContext) {
143 c.clearCertificateChain();
144 return false;
145 }
146
147 c.m_certificateChain.append(certificateContext);
148 }
149
150 return true;
151 }
152
clearCertificateChain()153 void PlatformCertificateInfo::clearCertificateChain()
154 {
155 for (size_t i = 0; i < m_certificateChain.size(); ++i)
156 ::CertFreeCertificateContext(m_certificateChain[i]);
157 m_certificateChain.clear();
158 }
159
160 } // namespace WebKit
161