| blob | 382be8ef389155052a8f4a4f0455b503d7f0cbf0 |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
7 #include <stdlib.h>
9 #include <algorithm>
10 #include <map>
11 #include <string>
12 #include <vector>
33 // Indicates the order to use when trying to decode binary data, which is
34 // based on (speculation) as to what will be most common -> least common
38 };
40 // The PEM block header used for DER certificates
42 // The PEM block header used for PKCS#7 data
45 #if !defined(USE_NSS)
46 // A thread-safe cache for OS certificate handles.
47 //
48 // Within each of the supported underlying crypto libraries, a certificate
49 // handle is represented as a ref-counted object that contains the parsed
50 // data for the certificate. In addition, the underlying OS handle may also
51 // contain a copy of the original ASN.1 DER used to constructed the handle.
52 //
53 // In order to reduce the memory usage when multiple SSL connections exist,
54 // with each connection storing the server's identity certificate plus any
55 // intermediates supplied, the certificate handles are cached. Any two
56 // X509Certificates that were created from the same ASN.1 DER data,
57 // regardless of where that data came from, will share the same underlying
58 // OS certificate handle.
61 // Performs a compare-and-swap like operation. If an OS certificate handle
62 // for the same certificate data as |*cert_handle| already exists in the
63 // cache, the original |*cert_handle| will be freed and |cert_handle|
64 // will be updated to point to a duplicated reference to the existing cached
65 // certificate, with the caller taking ownership of this duplicated handle.
66 // If an equivalent OS certificate handle is not found, a duplicated
67 // reference to |*cert_handle| will be added to the cache. In either case,
68 // upon return, the caller fully owns |*cert_handle| and is responsible for
69 // calling FreeOSCertHandle(), after first calling Remove().
72 // Decrements the cache reference count for |cert_handle|, a handle that was
73 // previously obtained by calling InsertOrUpdate(). If this is the last
74 // cached reference held, this will remove the handle from the cache. The
75 // caller retains ownership of |cert_handle| and remains responsible for
76 // calling FreeOSCertHandle() to release the underlying OS certificate
80 // A single entry in the cache. Certificates will be keyed by their SHA1
81 // fingerprints, but will not be considered equivalent unless the entire
82 // certificate data matches.
88 // Increased by each call to InsertOrUpdate(), and balanced by each call
89 // to Remove(). When it equals 0, all references created by
90 // InsertOrUpdate() have been released, so the cache entry will be removed
91 // the cached OS certificate handle will be freed.
93 };
96 // Obtain an instance of X509CertificateCache via a LazyInstance.
101 // You must acquire this lock before using any private data of this object
102 // You must not block while holding this lock.
105 // The certificate cache. You must acquire |lock_| before using |cache_|.
106 CertMap cache_;
109 };
117 SHA1HashValue fingerprint =
121 {
125 // A cached entry was not found, so initialize a new entry. The entry
126 // assumes ownership of the current |*cert_handle|.
127 Entry cache_entry;
136 // Two certificates don't match, due to a SHA1 hash collision. Given
137 // the low probability, the simplest solution is to not cache the
138 // certificate, which should not affect performance too negatively.
140 }
141 // A cached entry was found and will be used instead of the caller's
142 // handle. Ensure the caller's original handle will be freed, since
143 // ownership is assumed.
145 }
146 // Whether an existing cached handle or a new handle, increment the
147 // cache's reference count and return a handle that the caller can own.
150 }
151 // If the caller's handle was replaced with a cached handle, free the
152 // original handle now. This is done outside of the lock because
153 // |old_handle| may be the only handle for this particular certificate, so
154 // freeing it may be complex or resource-intensive and does not need to
155 // be guarded by the lock.
159 }
160 }
163 SHA1HashValue fingerprint =
177 // The last reference to |cert_handle| has been removed, so release the
178 // Entry's OS handle and remove the Entry. The caller still holds a
179 // reference to |cert_handle| and is responsible for freeing it.
182 }
183 }
186 // See X509CertificateCache::InsertOrUpdate. NSS has a built-in cache, so there
187 // is no point in wrapping another cache around it.
189 #if !defined(USE_NSS)
191 #endif
192 }
194 // See X509CertificateCache::Remove.
196 #if !defined(USE_NSS)
198 #endif
199 }
201 // Utility to split |src| on the first occurrence of |c|, if any. |right| will
202 // either be empty if |c| was not found, or will contain the remainder of the
203 // string including the split character itself.
215 }
216 }
233 }
246 }
248 // static
250 OSCertHandle cert_handle,
254 }
256 // static
269 }
272 // Return NULL if we failed to parse any of the certs.
276 }
282 }
288 }
290 // static
300 }
302 // static
305 PickleType type) {
318 }
320 }
322 // Legacy / Migration code. This should eventually be removed once
323 // sufficient time has passed that all pickles serialized prior to
324 // PICKLETYPE_CERTIFICATE_CHAIN_V3 have been removed.
329 OSCertHandles intermediates;
335 }
337 #if defined(OS_POSIX) && !defined(OS_MACOSX) && defined(__x86_64__)
338 // On 64-bit Linux (and any other 64-bit platforms), the intermediate count
339 // might really be a 64-bit field since we used to use Pickle::WriteSize(),
340 // which writes either 32 or 64 bits depending on the architecture. Since
341 // x86-64 is little-endian, if that happens, the next 32 bits will be all
342 // zeroes (the high bits) and the 32 bits we already read above are the
343 // correct value (we assume there are never more than 2^32 - 1 intermediate
344 // certificates in a chain; in practice, more than a dozen or so is
345 // basically unheard of). Since it's invalid for a certificate to start with
346 // 32 bits of zeroes, we check for that here and skip it if we find it. We
347 // save a copy of the pickle iterator to restore in case we don't get 32
348 // bits of zeroes. Now we always write 32 bits, so after a while, these old
349 // cached pickles will all get replaced.
350 // TODO(mdm): remove this compatibility code in April 2013 or so.
354 // This may not be an error. If there are no intermediates, and we're
355 // reading an old 32-bit pickle, and there's nothing else after this in
356 // the pickle, we should report success. Note that it is technically
357 // possible for us to skip over zeroes that should have occurred after
358 // an empty certificate list; to avoid this going forward, only do this
359 // backward-compatibility stuff for PICKLETYPE_CERTIFICATE_CHAIN_V1
360 // which comes from the pickle version number in http_response_info.cc.
364 }
365 }
375 }
376 }
386 }
388 // static
391 OSCertHandles certificates;
393 // Check to see if it is in a PEM-encoded form. This check is performed
394 // first, as both OS X and NSS will both try to convert if they detect
395 // PEM encoding, except they don't do it consistently between the two.
399 // To maintain compatibility with NSS/Firefox, CERTIFICATE is a universally
400 // valid PEM block header for any format.
413 // Parsed a DER encoded certificate. All PEM blocks that follow must
414 // also be DER encoded certificates wrapped inside of PEM blocks.
418 }
420 // If the first block failed to parse as a DER certificate, and
421 // formats other than PEM are acceptable, check to see if the decoded
422 // data is one of the accepted formats.
429 }
430 }
431 }
433 // Stop parsing after the first block for any format but a sequence of
434 // PEM-encoded DER certificates. The case of FORMAT_PEM_CERT_SEQUENCE
435 // is handled above, and continues processing until a certificate fails
436 // to parse.
438 }
440 // Try each of the formats, in order of parse preference, to see if |data|
441 // contains the binary representation of a Format, if it failed to parse
442 // as a PEM certificate/chain.
448 }
450 CertificateList results;
451 // No certificates parsed.
460 }
463 }
467 // This would be an absolutely insane number of intermediates.
471 }
477 }
482 }
483 }
484 }
490 }
494 }
498 }
500 // static
507 // Perform name verification following http://tools.ietf.org/html/rfc6125.
508 // The terminology used in this method is as per that RFC:-
509 // Reference identifier == the host the local user/agent is intending to
510 // access, i.e. the thing displayed in the URL bar.
511 // Presented identifier(s) == name(s) the server knows itself as, in its cert.
513 // CanonicalizeHost requires surrounding brackets to parse an IPv6 address.
518 // CanonicalizeHost does not normalize absolute vs relative DNS names. If
519 // the input name was absolute (included trailing .), normalize it as if it
520 // was relative.
526 // Allow fallback to Common name matching?
530 // Fully handle all cases where |hostname| contains an IP address.
534 // Fallback to Common name matching. As this is deprecated and only
535 // supported for compatibility refuse it for IPv6 addresses.
537 }
543 }
545 // |reference_domain| is the remainder of |host| after the leading host
546 // component is stripped off, but includes the leading dot e.g.
547 // "www.f.com" -> ".f.com".
548 // If there is no meaningful domain part to |host| (e.g. it contains no dots)
549 // then |reference_domain| will be empty.
555 // We required at least 3 components (i.e. 2 dots) as a basic protection
556 // against too-broad wild-carding.
557 // Also we don't attempt wildcard matching on a purely numerical hostname.
560 }
562 // Now step through the DNS names doing wild card comparison (if necessary)
563 // on each against the reference name. If subjectAltName is empty, then
564 // fallback to use the common name instead.
568 // Note: there's a small possibility cert_common_name is an international
569 // domain name in non-standard encoding (e.g. UTF8String or BMPString
570 // instead of A-label). As common name fallback is deprecated we're not
571 // doing anything specific to deal with this.
574 }
578 // Catch badly corrupt cert names up front.
582 }
585 // Remove trailing dot, if any.
589 // The hostname must be at least as long as the cert name it is matching,
590 // as we require the wildcard (if present) to match at least one character.
607 }
613 // * must not match a substring of an IDN A label; just a whole fragment.
621 }
623 }
625 #if !defined(USE_NSS)
630 }
631 #endif
633 // static
644 // Divide the Base-64 encoded data into 64-character chunks, as per
645 // 4.3.2.4 of RFC 1421.
652 }
655 }
668 }
671 }
678 // Duplicate the incoming certificate, as the caller retains ownership
679 // of |intermediates|.
681 // Update the cache, which will assume ownership of the duplicated
682 // handle and return a suitable equivalent, potentially from the cache.
685 }
686 // Platform-specific initialization.
688 }
694 }
698 }
699 }