• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "net/cert/x509_certificate.h"
6 
7 #include <stdlib.h>
8 
9 #include <algorithm>
10 #include <map>
11 #include <string>
12 #include <vector>
13 
14 #include "base/base64.h"
15 #include "base/lazy_instance.h"
16 #include "base/logging.h"
17 #include "base/memory/scoped_ptr.h"
18 #include "base/memory/singleton.h"
19 #include "base/metrics/histogram.h"
20 #include "base/pickle.h"
21 #include "base/sha1.h"
22 #include "base/strings/string_piece.h"
23 #include "base/strings/string_util.h"
24 #include "base/synchronization/lock.h"
25 #include "base/time/time.h"
26 #include "crypto/secure_hash.h"
27 #include "net/base/net_util.h"
28 #include "net/base/registry_controlled_domains/registry_controlled_domain.h"
29 #include "net/cert/pem_tokenizer.h"
30 #include "url/url_canon.h"
31 
32 namespace net {
33 
34 namespace {
35 
36 // Indicates the order to use when trying to decode binary data, which is
37 // based on (speculation) as to what will be most common -> least common
38 const X509Certificate::Format kFormatDecodePriority[] = {
39   X509Certificate::FORMAT_SINGLE_CERTIFICATE,
40   X509Certificate::FORMAT_PKCS7
41 };
42 
43 // The PEM block header used for DER certificates
44 const char kCertificateHeader[] = "CERTIFICATE";
45 // The PEM block header used for PKCS#7 data
46 const char kPKCS7Header[] = "PKCS7";
47 
48 #if !defined(USE_NSS)
49 // A thread-safe cache for OS certificate handles.
50 //
51 // Within each of the supported underlying crypto libraries, a certificate
52 // handle is represented as a ref-counted object that contains the parsed
53 // data for the certificate. In addition, the underlying OS handle may also
54 // contain a copy of the original ASN.1 DER used to constructed the handle.
55 //
56 // In order to reduce the memory usage when multiple SSL connections exist,
57 // with each connection storing the server's identity certificate plus any
58 // intermediates supplied, the certificate handles are cached. Any two
59 // X509Certificates that were created from the same ASN.1 DER data,
60 // regardless of where that data came from, will share the same underlying
61 // OS certificate handle.
62 class X509CertificateCache {
63  public:
64   // Performs a compare-and-swap like operation. If an OS certificate handle
65   // for the same certificate data as |*cert_handle| already exists in the
66   // cache, the original |*cert_handle| will be freed and |cert_handle|
67   // will be updated to point to a duplicated reference to the existing cached
68   // certificate, with the caller taking ownership of this duplicated handle.
69   // If an equivalent OS certificate handle is not found, a duplicated
70   // reference to |*cert_handle| will be added to the cache. In either case,
71   // upon return, the caller fully owns |*cert_handle| and is responsible for
72   // calling FreeOSCertHandle(), after first calling Remove().
73   void InsertOrUpdate(X509Certificate::OSCertHandle* cert_handle);
74 
75   // Decrements the cache reference count for |cert_handle|, a handle that was
76   // previously obtained by calling InsertOrUpdate(). If this is the last
77   // cached reference held, this will remove the handle from the cache. The
78   // caller retains ownership of |cert_handle| and remains responsible for
79   // calling FreeOSCertHandle() to release the underlying OS certificate
80   void Remove(X509Certificate::OSCertHandle cert_handle);
81 
82  private:
83   // A single entry in the cache. Certificates will be keyed by their SHA1
84   // fingerprints, but will not be considered equivalent unless the entire
85   // certificate data matches.
86   struct Entry {
Entrynet::__anond3528ae10111::X509CertificateCache::Entry87     Entry() : cert_handle(NULL), ref_count(0) {}
88 
89     X509Certificate::OSCertHandle cert_handle;
90 
91     // Increased by each call to InsertOrUpdate(), and balanced by each call
92     // to Remove(). When it equals 0, all references created by
93     // InsertOrUpdate() have been released, so the cache entry will be removed
94     // the cached OS certificate handle will be freed.
95     int ref_count;
96   };
97   typedef std::map<SHA1HashValue, Entry, SHA1HashValueLessThan> CertMap;
98 
99   // Obtain an instance of X509CertificateCache via a LazyInstance.
X509CertificateCache()100   X509CertificateCache() {}
~X509CertificateCache()101   ~X509CertificateCache() {}
102   friend struct base::DefaultLazyInstanceTraits<X509CertificateCache>;
103 
104   // You must acquire this lock before using any private data of this object
105   // You must not block while holding this lock.
106   base::Lock lock_;
107 
108   // The certificate cache.  You must acquire |lock_| before using |cache_|.
109   CertMap cache_;
110 
111   DISALLOW_COPY_AND_ASSIGN(X509CertificateCache);
112 };
113 
114 base::LazyInstance<X509CertificateCache>::Leaky
115     g_x509_certificate_cache = LAZY_INSTANCE_INITIALIZER;
116 
InsertOrUpdate(X509Certificate::OSCertHandle * cert_handle)117 void X509CertificateCache::InsertOrUpdate(
118     X509Certificate::OSCertHandle* cert_handle) {
119   DCHECK(cert_handle);
120   SHA1HashValue fingerprint =
121       X509Certificate::CalculateFingerprint(*cert_handle);
122 
123   X509Certificate::OSCertHandle old_handle = NULL;
124   {
125     base::AutoLock lock(lock_);
126     CertMap::iterator pos = cache_.find(fingerprint);
127     if (pos == cache_.end()) {
128       // A cached entry was not found, so initialize a new entry. The entry
129       // assumes ownership of the current |*cert_handle|.
130       Entry cache_entry;
131       cache_entry.cert_handle = *cert_handle;
132       cache_entry.ref_count = 0;
133       CertMap::value_type cache_value(fingerprint, cache_entry);
134       pos = cache_.insert(cache_value).first;
135     } else {
136       bool is_same_cert =
137           X509Certificate::IsSameOSCert(*cert_handle, pos->second.cert_handle);
138       if (!is_same_cert) {
139         // Two certificates don't match, due to a SHA1 hash collision. Given
140         // the low probability, the simplest solution is to not cache the
141         // certificate, which should not affect performance too negatively.
142         return;
143       }
144       // A cached entry was found and will be used instead of the caller's
145       // handle. Ensure the caller's original handle will be freed, since
146       // ownership is assumed.
147       old_handle = *cert_handle;
148     }
149     // Whether an existing cached handle or a new handle, increment the
150     // cache's reference count and return a handle that the caller can own.
151     ++pos->second.ref_count;
152     *cert_handle = X509Certificate::DupOSCertHandle(pos->second.cert_handle);
153   }
154   // If the caller's handle was replaced with a cached handle, free the
155   // original handle now. This is done outside of the lock because
156   // |old_handle| may be the only handle for this particular certificate, so
157   // freeing it may be complex or resource-intensive and does not need to
158   // be guarded by the lock.
159   if (old_handle) {
160     X509Certificate::FreeOSCertHandle(old_handle);
161 #ifndef NDEBUG
162     LOCAL_HISTOGRAM_BOOLEAN("X509CertificateReuseCount", true);
163 #endif
164   }
165 }
166 
Remove(X509Certificate::OSCertHandle cert_handle)167 void X509CertificateCache::Remove(X509Certificate::OSCertHandle cert_handle) {
168   SHA1HashValue fingerprint =
169       X509Certificate::CalculateFingerprint(cert_handle);
170   base::AutoLock lock(lock_);
171 
172   CertMap::iterator pos = cache_.find(fingerprint);
173   if (pos == cache_.end())
174     return;  // A hash collision where the winning cert was already freed.
175 
176   bool is_same_cert = X509Certificate::IsSameOSCert(cert_handle,
177                                                     pos->second.cert_handle);
178   if (!is_same_cert)
179     return;  // A hash collision where the winning cert is still around.
180 
181   if (--pos->second.ref_count == 0) {
182     // The last reference to |cert_handle| has been removed, so release the
183     // Entry's OS handle and remove the Entry. The caller still holds a
184     // reference to |cert_handle| and is responsible for freeing it.
185     X509Certificate::FreeOSCertHandle(pos->second.cert_handle);
186     cache_.erase(pos);
187   }
188 }
189 #endif  // !defined(USE_NSS)
190 
191 // See X509CertificateCache::InsertOrUpdate. NSS has a built-in cache, so there
192 // is no point in wrapping another cache around it.
InsertOrUpdateCache(X509Certificate::OSCertHandle * cert_handle)193 void InsertOrUpdateCache(X509Certificate::OSCertHandle* cert_handle) {
194 #if !defined(USE_NSS)
195   g_x509_certificate_cache.Pointer()->InsertOrUpdate(cert_handle);
196 #endif
197 }
198 
199 // See X509CertificateCache::Remove.
RemoveFromCache(X509Certificate::OSCertHandle cert_handle)200 void RemoveFromCache(X509Certificate::OSCertHandle cert_handle) {
201 #if !defined(USE_NSS)
202   g_x509_certificate_cache.Pointer()->Remove(cert_handle);
203 #endif
204 }
205 
206 // Utility to split |src| on the first occurrence of |c|, if any. |right| will
207 // either be empty if |c| was not found, or will contain the remainder of the
208 // string including the split character itself.
SplitOnChar(const base::StringPiece & src,char c,base::StringPiece * left,base::StringPiece * right)209 void SplitOnChar(const base::StringPiece& src,
210                  char c,
211                  base::StringPiece* left,
212                  base::StringPiece* right) {
213   size_t pos = src.find(c);
214   if (pos == base::StringPiece::npos) {
215     *left = src;
216     right->clear();
217   } else {
218     *left = src.substr(0, pos);
219     *right = src.substr(pos);
220   }
221 }
222 
223 }  // namespace
224 
operator ()(const scoped_refptr<X509Certificate> & lhs,const scoped_refptr<X509Certificate> & rhs) const225 bool X509Certificate::LessThan::operator()(
226     const scoped_refptr<X509Certificate>& lhs,
227     const scoped_refptr<X509Certificate>& rhs) const {
228   if (lhs.get() == rhs.get())
229     return false;
230 
231   int rv = memcmp(lhs->fingerprint_.data, rhs->fingerprint_.data,
232                   sizeof(lhs->fingerprint_.data));
233   if (rv != 0)
234     return rv < 0;
235 
236   rv = memcmp(lhs->ca_fingerprint_.data, rhs->ca_fingerprint_.data,
237               sizeof(lhs->ca_fingerprint_.data));
238   return rv < 0;
239 }
240 
X509Certificate(const std::string & subject,const std::string & issuer,base::Time start_date,base::Time expiration_date)241 X509Certificate::X509Certificate(const std::string& subject,
242                                  const std::string& issuer,
243                                  base::Time start_date,
244                                  base::Time expiration_date)
245     : subject_(subject),
246       issuer_(issuer),
247       valid_start_(start_date),
248       valid_expiry_(expiration_date),
249       cert_handle_(NULL) {
250   memset(fingerprint_.data, 0, sizeof(fingerprint_.data));
251   memset(ca_fingerprint_.data, 0, sizeof(ca_fingerprint_.data));
252 }
253 
254 // static
CreateFromHandle(OSCertHandle cert_handle,const OSCertHandles & intermediates)255 X509Certificate* X509Certificate::CreateFromHandle(
256     OSCertHandle cert_handle,
257     const OSCertHandles& intermediates) {
258   DCHECK(cert_handle);
259   return new X509Certificate(cert_handle, intermediates);
260 }
261 
262 // static
CreateFromDERCertChain(const std::vector<base::StringPiece> & der_certs)263 X509Certificate* X509Certificate::CreateFromDERCertChain(
264     const std::vector<base::StringPiece>& der_certs) {
265   if (der_certs.empty())
266     return NULL;
267 
268   X509Certificate::OSCertHandles intermediate_ca_certs;
269   for (size_t i = 1; i < der_certs.size(); i++) {
270     OSCertHandle handle = CreateOSCertHandleFromBytes(
271         const_cast<char*>(der_certs[i].data()), der_certs[i].size());
272     if (!handle)
273       break;
274     intermediate_ca_certs.push_back(handle);
275   }
276 
277   OSCertHandle handle = NULL;
278   // Return NULL if we failed to parse any of the certs.
279   if (der_certs.size() - 1 == intermediate_ca_certs.size()) {
280     handle = CreateOSCertHandleFromBytes(
281         const_cast<char*>(der_certs[0].data()), der_certs[0].size());
282   }
283 
284   X509Certificate* cert = NULL;
285   if (handle) {
286     cert = CreateFromHandle(handle, intermediate_ca_certs);
287     FreeOSCertHandle(handle);
288   }
289 
290   for (size_t i = 0; i < intermediate_ca_certs.size(); i++)
291     FreeOSCertHandle(intermediate_ca_certs[i]);
292 
293   return cert;
294 }
295 
296 // static
CreateFromBytes(const char * data,int length)297 X509Certificate* X509Certificate::CreateFromBytes(const char* data,
298                                                   int length) {
299   OSCertHandle cert_handle = CreateOSCertHandleFromBytes(data, length);
300   if (!cert_handle)
301     return NULL;
302 
303   X509Certificate* cert = CreateFromHandle(cert_handle, OSCertHandles());
304   FreeOSCertHandle(cert_handle);
305   return cert;
306 }
307 
308 // static
CreateFromPickle(const Pickle & pickle,PickleIterator * pickle_iter,PickleType type)309 X509Certificate* X509Certificate::CreateFromPickle(const Pickle& pickle,
310                                                    PickleIterator* pickle_iter,
311                                                    PickleType type) {
312   if (type == PICKLETYPE_CERTIFICATE_CHAIN_V3) {
313     int chain_length = 0;
314     if (!pickle_iter->ReadLength(&chain_length))
315       return NULL;
316 
317     std::vector<base::StringPiece> cert_chain;
318     const char* data = NULL;
319     int data_length = 0;
320     for (int i = 0; i < chain_length; ++i) {
321       if (!pickle_iter->ReadData(&data, &data_length))
322         return NULL;
323       cert_chain.push_back(base::StringPiece(data, data_length));
324     }
325     return CreateFromDERCertChain(cert_chain);
326   }
327 
328   // Legacy / Migration code. This should eventually be removed once
329   // sufficient time has passed that all pickles serialized prior to
330   // PICKLETYPE_CERTIFICATE_CHAIN_V3 have been removed.
331   OSCertHandle cert_handle = ReadOSCertHandleFromPickle(pickle_iter);
332   if (!cert_handle)
333     return NULL;
334 
335   OSCertHandles intermediates;
336   uint32 num_intermediates = 0;
337   if (type != PICKLETYPE_SINGLE_CERTIFICATE) {
338     if (!pickle_iter->ReadUInt32(&num_intermediates)) {
339       FreeOSCertHandle(cert_handle);
340       return NULL;
341     }
342 
343 #if defined(OS_POSIX) && !defined(OS_MACOSX) && defined(__x86_64__)
344     // On 64-bit Linux (and any other 64-bit platforms), the intermediate count
345     // might really be a 64-bit field since we used to use Pickle::WriteSize(),
346     // which writes either 32 or 64 bits depending on the architecture. Since
347     // x86-64 is little-endian, if that happens, the next 32 bits will be all
348     // zeroes (the high bits) and the 32 bits we already read above are the
349     // correct value (we assume there are never more than 2^32 - 1 intermediate
350     // certificates in a chain; in practice, more than a dozen or so is
351     // basically unheard of). Since it's invalid for a certificate to start with
352     // 32 bits of zeroes, we check for that here and skip it if we find it. We
353     // save a copy of the pickle iterator to restore in case we don't get 32
354     // bits of zeroes. Now we always write 32 bits, so after a while, these old
355     // cached pickles will all get replaced.
356     // TODO(mdm): remove this compatibility code in April 2013 or so.
357     PickleIterator saved_iter = *pickle_iter;
358     uint32 zero_check = 0;
359     if (!pickle_iter->ReadUInt32(&zero_check)) {
360       // This may not be an error. If there are no intermediates, and we're
361       // reading an old 32-bit pickle, and there's nothing else after this in
362       // the pickle, we should report success. Note that it is technically
363       // possible for us to skip over zeroes that should have occurred after
364       // an empty certificate list; to avoid this going forward, only do this
365       // backward-compatibility stuff for PICKLETYPE_CERTIFICATE_CHAIN_V1
366       // which comes from the pickle version number in http_response_info.cc.
367       if (num_intermediates) {
368         FreeOSCertHandle(cert_handle);
369         return NULL;
370       }
371     }
372     if (zero_check)
373       *pickle_iter = saved_iter;
374 #endif  // defined(OS_POSIX) && !defined(OS_MACOSX) && defined(__x86_64__)
375 
376     for (uint32 i = 0; i < num_intermediates; ++i) {
377       OSCertHandle intermediate = ReadOSCertHandleFromPickle(pickle_iter);
378       if (!intermediate)
379         break;
380       intermediates.push_back(intermediate);
381     }
382   }
383 
384   X509Certificate* cert = NULL;
385   if (intermediates.size() == num_intermediates)
386     cert = CreateFromHandle(cert_handle, intermediates);
387   FreeOSCertHandle(cert_handle);
388   for (size_t i = 0; i < intermediates.size(); ++i)
389     FreeOSCertHandle(intermediates[i]);
390 
391   return cert;
392 }
393 
394 // static
CreateCertificateListFromBytes(const char * data,int length,int format)395 CertificateList X509Certificate::CreateCertificateListFromBytes(
396     const char* data, int length, int format) {
397   OSCertHandles certificates;
398 
399   // Check to see if it is in a PEM-encoded form. This check is performed
400   // first, as both OS X and NSS will both try to convert if they detect
401   // PEM encoding, except they don't do it consistently between the two.
402   base::StringPiece data_string(data, length);
403   std::vector<std::string> pem_headers;
404 
405   // To maintain compatibility with NSS/Firefox, CERTIFICATE is a universally
406   // valid PEM block header for any format.
407   pem_headers.push_back(kCertificateHeader);
408   if (format & FORMAT_PKCS7)
409     pem_headers.push_back(kPKCS7Header);
410 
411   PEMTokenizer pem_tok(data_string, pem_headers);
412   while (pem_tok.GetNext()) {
413     std::string decoded(pem_tok.data());
414 
415     OSCertHandle handle = NULL;
416     if (format & FORMAT_PEM_CERT_SEQUENCE)
417       handle = CreateOSCertHandleFromBytes(decoded.c_str(), decoded.size());
418     if (handle != NULL) {
419       // Parsed a DER encoded certificate. All PEM blocks that follow must
420       // also be DER encoded certificates wrapped inside of PEM blocks.
421       format = FORMAT_PEM_CERT_SEQUENCE;
422       certificates.push_back(handle);
423       continue;
424     }
425 
426     // If the first block failed to parse as a DER certificate, and
427     // formats other than PEM are acceptable, check to see if the decoded
428     // data is one of the accepted formats.
429     if (format & ~FORMAT_PEM_CERT_SEQUENCE) {
430       for (size_t i = 0; certificates.empty() &&
431            i < arraysize(kFormatDecodePriority); ++i) {
432         if (format & kFormatDecodePriority[i]) {
433           certificates = CreateOSCertHandlesFromBytes(decoded.c_str(),
434               decoded.size(), kFormatDecodePriority[i]);
435         }
436       }
437     }
438 
439     // Stop parsing after the first block for any format but a sequence of
440     // PEM-encoded DER certificates. The case of FORMAT_PEM_CERT_SEQUENCE
441     // is handled above, and continues processing until a certificate fails
442     // to parse.
443     break;
444   }
445 
446   // Try each of the formats, in order of parse preference, to see if |data|
447   // contains the binary representation of a Format, if it failed to parse
448   // as a PEM certificate/chain.
449   for (size_t i = 0; certificates.empty() &&
450        i < arraysize(kFormatDecodePriority); ++i) {
451     if (format & kFormatDecodePriority[i])
452       certificates = CreateOSCertHandlesFromBytes(data, length,
453                                                   kFormatDecodePriority[i]);
454   }
455 
456   CertificateList results;
457   // No certificates parsed.
458   if (certificates.empty())
459     return results;
460 
461   for (OSCertHandles::iterator it = certificates.begin();
462        it != certificates.end(); ++it) {
463     X509Certificate* result = CreateFromHandle(*it, OSCertHandles());
464     results.push_back(scoped_refptr<X509Certificate>(result));
465     FreeOSCertHandle(*it);
466   }
467 
468   return results;
469 }
470 
Persist(Pickle * pickle)471 void X509Certificate::Persist(Pickle* pickle) {
472   DCHECK(cert_handle_);
473   // This would be an absolutely insane number of intermediates.
474   if (intermediate_ca_certs_.size() > static_cast<size_t>(INT_MAX) - 1) {
475     NOTREACHED();
476     return;
477   }
478   if (!pickle->WriteInt(
479           static_cast<int>(intermediate_ca_certs_.size() + 1)) ||
480       !WriteOSCertHandleToPickle(cert_handle_, pickle)) {
481     NOTREACHED();
482     return;
483   }
484   for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i) {
485     if (!WriteOSCertHandleToPickle(intermediate_ca_certs_[i], pickle)) {
486       NOTREACHED();
487       return;
488     }
489   }
490 }
491 
GetDNSNames(std::vector<std::string> * dns_names) const492 void X509Certificate::GetDNSNames(std::vector<std::string>* dns_names) const {
493   GetSubjectAltName(dns_names, NULL);
494   if (dns_names->empty())
495     dns_names->push_back(subject_.common_name);
496 }
497 
HasExpired() const498 bool X509Certificate::HasExpired() const {
499   return base::Time::Now() > valid_expiry();
500 }
501 
Equals(const X509Certificate * other) const502 bool X509Certificate::Equals(const X509Certificate* other) const {
503   return IsSameOSCert(cert_handle_, other->cert_handle_);
504 }
505 
506 // static
VerifyHostname(const std::string & hostname,const std::string & cert_common_name,const std::vector<std::string> & cert_san_dns_names,const std::vector<std::string> & cert_san_ip_addrs,bool * common_name_fallback_used)507 bool X509Certificate::VerifyHostname(
508     const std::string& hostname,
509     const std::string& cert_common_name,
510     const std::vector<std::string>& cert_san_dns_names,
511     const std::vector<std::string>& cert_san_ip_addrs,
512     bool* common_name_fallback_used) {
513   DCHECK(!hostname.empty());
514   // Perform name verification following http://tools.ietf.org/html/rfc6125.
515   // The terminology used in this method is as per that RFC:-
516   // Reference identifier == the host the local user/agent is intending to
517   //                         access, i.e. the thing displayed in the URL bar.
518   // Presented identifier(s) == name(s) the server knows itself as, in its cert.
519 
520   // CanonicalizeHost requires surrounding brackets to parse an IPv6 address.
521   const std::string host_or_ip = hostname.find(':') != std::string::npos ?
522       "[" + hostname + "]" : hostname;
523   url::CanonHostInfo host_info;
524   std::string reference_name = CanonicalizeHost(host_or_ip, &host_info);
525   // CanonicalizeHost does not normalize absolute vs relative DNS names. If
526   // the input name was absolute (included trailing .), normalize it as if it
527   // was relative.
528   if (!reference_name.empty() && *reference_name.rbegin() == '.')
529     reference_name.resize(reference_name.size() - 1);
530   if (reference_name.empty())
531     return false;
532 
533   // Allow fallback to Common name matching?
534   const bool common_name_fallback = cert_san_dns_names.empty() &&
535                                     cert_san_ip_addrs.empty();
536   *common_name_fallback_used = common_name_fallback;
537 
538   // Fully handle all cases where |hostname| contains an IP address.
539   if (host_info.IsIPAddress()) {
540     if (common_name_fallback && host_info.family == url::CanonHostInfo::IPV4) {
541       // Fallback to Common name matching. As this is deprecated and only
542       // supported for compatibility refuse it for IPv6 addresses.
543       return reference_name == cert_common_name;
544     }
545     base::StringPiece ip_addr_string(
546         reinterpret_cast<const char*>(host_info.address),
547         host_info.AddressLength());
548     return std::find(cert_san_ip_addrs.begin(), cert_san_ip_addrs.end(),
549                      ip_addr_string) != cert_san_ip_addrs.end();
550   }
551 
552   // |reference_domain| is the remainder of |host| after the leading host
553   // component is stripped off, but includes the leading dot e.g.
554   // "www.f.com" -> ".f.com".
555   // If there is no meaningful domain part to |host| (e.g. it contains no dots)
556   // then |reference_domain| will be empty.
557   base::StringPiece reference_host, reference_domain;
558   SplitOnChar(reference_name, '.', &reference_host, &reference_domain);
559   bool allow_wildcards = false;
560   if (!reference_domain.empty()) {
561     DCHECK(reference_domain.starts_with("."));
562 
563     // Do not allow wildcards for public/ICANN registry controlled domains -
564     // that is, prevent *.com or *.co.uk as valid presented names, but do not
565     // prevent *.appspot.com (a private registry controlled domain).
566     // In addition, unknown top-level domains (such as 'intranet' domains or
567     // new TLDs/gTLDs not yet added to the registry controlled domain dataset)
568     // are also implicitly prevented.
569     // Because |reference_domain| must contain at least one name component that
570     // is not registry controlled, this ensures that all reference domains
571     // contain at least three domain components when using wildcards.
572     size_t registry_length =
573         registry_controlled_domains::GetRegistryLength(
574             reference_name,
575             registry_controlled_domains::INCLUDE_UNKNOWN_REGISTRIES,
576             registry_controlled_domains::EXCLUDE_PRIVATE_REGISTRIES);
577 
578     // Because |reference_name| was already canonicalized, the following
579     // should never happen.
580     CHECK_NE(std::string::npos, registry_length);
581 
582     // Account for the leading dot in |reference_domain|.
583     bool is_registry_controlled =
584         registry_length != 0 &&
585         registry_length == (reference_domain.size() - 1);
586 
587     // Additionally, do not attempt wildcard matching for purely numeric
588     // hostnames.
589     allow_wildcards =
590         !is_registry_controlled &&
591         reference_name.find_first_not_of("0123456789.") != std::string::npos;
592   }
593 
594   // Now step through the DNS names doing wild card comparison (if necessary)
595   // on each against the reference name. If subjectAltName is empty, then
596   // fallback to use the common name instead.
597   std::vector<std::string> common_name_as_vector;
598   const std::vector<std::string>* presented_names = &cert_san_dns_names;
599   if (common_name_fallback) {
600     // Note: there's a small possibility cert_common_name is an international
601     // domain name in non-standard encoding (e.g. UTF8String or BMPString
602     // instead of A-label). As common name fallback is deprecated we're not
603     // doing anything specific to deal with this.
604     common_name_as_vector.push_back(cert_common_name);
605     presented_names = &common_name_as_vector;
606   }
607   for (std::vector<std::string>::const_iterator it =
608            presented_names->begin();
609        it != presented_names->end(); ++it) {
610     // Catch badly corrupt cert names up front.
611     if (it->empty() || it->find('\0') != std::string::npos) {
612       DVLOG(1) << "Bad name in cert: " << *it;
613       continue;
614     }
615     std::string presented_name(base::StringToLowerASCII(*it));
616 
617     // Remove trailing dot, if any.
618     if (*presented_name.rbegin() == '.')
619       presented_name.resize(presented_name.length() - 1);
620 
621     // The hostname must be at least as long as the cert name it is matching,
622     // as we require the wildcard (if present) to match at least one character.
623     if (presented_name.length() > reference_name.length())
624       continue;
625 
626     base::StringPiece presented_host, presented_domain;
627     SplitOnChar(presented_name, '.', &presented_host, &presented_domain);
628 
629     if (presented_domain != reference_domain)
630       continue;
631 
632     base::StringPiece pattern_begin, pattern_end;
633     SplitOnChar(presented_host, '*', &pattern_begin, &pattern_end);
634 
635     if (pattern_end.empty()) {  // No '*' in the presented_host
636       if (presented_host == reference_host)
637         return true;
638       continue;
639     }
640     pattern_end.remove_prefix(1);  // move past the *
641 
642     if (!allow_wildcards)
643       continue;
644 
645     // * must not match a substring of an IDN A label; just a whole fragment.
646     if (reference_host.starts_with("xn--") &&
647         !(pattern_begin.empty() && pattern_end.empty()))
648       continue;
649 
650     if (reference_host.starts_with(pattern_begin) &&
651         reference_host.ends_with(pattern_end))
652       return true;
653   }
654   return false;
655 }
656 
VerifyNameMatch(const std::string & hostname,bool * common_name_fallback_used) const657 bool X509Certificate::VerifyNameMatch(const std::string& hostname,
658                                       bool* common_name_fallback_used) const {
659   std::vector<std::string> dns_names, ip_addrs;
660   GetSubjectAltName(&dns_names, &ip_addrs);
661   return VerifyHostname(hostname, subject_.common_name, dns_names, ip_addrs,
662                         common_name_fallback_used);
663 }
664 
665 // static
GetPEMEncodedFromDER(const std::string & der_encoded,std::string * pem_encoded)666 bool X509Certificate::GetPEMEncodedFromDER(const std::string& der_encoded,
667                                            std::string* pem_encoded) {
668   if (der_encoded.empty())
669     return false;
670   std::string b64_encoded;
671   base::Base64Encode(der_encoded, &b64_encoded);
672   *pem_encoded = "-----BEGIN CERTIFICATE-----\n";
673 
674   // Divide the Base-64 encoded data into 64-character chunks, as per
675   // 4.3.2.4 of RFC 1421.
676   static const size_t kChunkSize = 64;
677   size_t chunks = (b64_encoded.size() + (kChunkSize - 1)) / kChunkSize;
678   for (size_t i = 0, chunk_offset = 0; i < chunks;
679        ++i, chunk_offset += kChunkSize) {
680     pem_encoded->append(b64_encoded, chunk_offset, kChunkSize);
681     pem_encoded->append("\n");
682   }
683   pem_encoded->append("-----END CERTIFICATE-----\n");
684   return true;
685 }
686 
687 // static
GetPEMEncoded(OSCertHandle cert_handle,std::string * pem_encoded)688 bool X509Certificate::GetPEMEncoded(OSCertHandle cert_handle,
689                                     std::string* pem_encoded) {
690   std::string der_encoded;
691   if (!GetDEREncoded(cert_handle, &der_encoded))
692     return false;
693   return GetPEMEncodedFromDER(der_encoded, pem_encoded);
694 }
695 
GetPEMEncodedChain(std::vector<std::string> * pem_encoded) const696 bool X509Certificate::GetPEMEncodedChain(
697     std::vector<std::string>* pem_encoded) const {
698   std::vector<std::string> encoded_chain;
699   std::string pem_data;
700   if (!GetPEMEncoded(os_cert_handle(), &pem_data))
701     return false;
702   encoded_chain.push_back(pem_data);
703   for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i) {
704     if (!GetPEMEncoded(intermediate_ca_certs_[i], &pem_data))
705       return false;
706     encoded_chain.push_back(pem_data);
707   }
708   pem_encoded->swap(encoded_chain);
709   return true;
710 }
711 
712 // static
CalculateCAFingerprint256(const OSCertHandles & intermediates)713 SHA256HashValue X509Certificate::CalculateCAFingerprint256(
714     const OSCertHandles& intermediates) {
715   SHA256HashValue sha256;
716   memset(sha256.data, 0, sizeof(sha256.data));
717 
718   scoped_ptr<crypto::SecureHash> hash(
719       crypto::SecureHash::Create(crypto::SecureHash::SHA256));
720 
721   for (size_t i = 0; i < intermediates.size(); ++i) {
722     std::string der_encoded;
723     if (!GetDEREncoded(intermediates[i], &der_encoded))
724       return sha256;
725     hash->Update(der_encoded.data(), der_encoded.length());
726   }
727   hash->Finish(sha256.data, sizeof(sha256.data));
728 
729   return sha256;
730 }
731 
732 // static
CalculateChainFingerprint256(OSCertHandle leaf,const OSCertHandles & intermediates)733 SHA256HashValue X509Certificate::CalculateChainFingerprint256(
734     OSCertHandle leaf,
735     const OSCertHandles& intermediates) {
736   OSCertHandles chain;
737   chain.push_back(leaf);
738   chain.insert(chain.end(), intermediates.begin(), intermediates.end());
739 
740   return CalculateCAFingerprint256(chain);
741 }
742 
X509Certificate(OSCertHandle cert_handle,const OSCertHandles & intermediates)743 X509Certificate::X509Certificate(OSCertHandle cert_handle,
744                                  const OSCertHandles& intermediates)
745     : cert_handle_(DupOSCertHandle(cert_handle)) {
746   InsertOrUpdateCache(&cert_handle_);
747   for (size_t i = 0; i < intermediates.size(); ++i) {
748     // Duplicate the incoming certificate, as the caller retains ownership
749     // of |intermediates|.
750     OSCertHandle intermediate = DupOSCertHandle(intermediates[i]);
751     // Update the cache, which will assume ownership of the duplicated
752     // handle and return a suitable equivalent, potentially from the cache.
753     InsertOrUpdateCache(&intermediate);
754     intermediate_ca_certs_.push_back(intermediate);
755   }
756   // Platform-specific initialization.
757   Initialize();
758 }
759 
~X509Certificate()760 X509Certificate::~X509Certificate() {
761   if (cert_handle_) {
762     RemoveFromCache(cert_handle_);
763     FreeOSCertHandle(cert_handle_);
764   }
765   for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i) {
766     RemoveFromCache(intermediate_ca_certs_[i]);
767     FreeOSCertHandle(intermediate_ca_certs_[i]);
768   }
769 }
770 
771 }  // namespace net
772