search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Add include.
[chromium-blink-merge.git] / net / cert / x509_util_openssl.cc
blob4b9e1c68d052d0d52d59f3c2eebe852e85ea9ea3
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/cert/x509_util_openssl.h"
6
7 #include <algorithm>
8 #include <openssl/asn1.h>
9
10 #include "base/lazy_instance.h"
11 #include "base/logging.h"
12 #include "base/strings/string_piece.h"
13 #include "base/strings/string_util.h"
14 #include "crypto/ec_private_key.h"
15 #include "crypto/openssl_util.h"
16 #include "crypto/rsa_private_key.h"
17 #include "crypto/scoped_openssl_types.h"
18 #include "net/cert/x509_cert_types.h"
19 #include "net/cert/x509_util.h"
20
21 namespace net {
22
23 namespace {
24
25 typedef crypto::ScopedOpenSSL<ASN1_INTEGER, ASN1_INTEGER_free>::Type
26 ScopedASN1_INTEGER;
27 typedef crypto::ScopedOpenSSL<ASN1_OCTET_STRING, ASN1_OCTET_STRING_free>::Type
28 ScopedASN1_OCTET_STRING;
29 typedef crypto::ScopedOpenSSL<ASN1_STRING, ASN1_STRING_free>::Type
30 ScopedASN1_STRING;
31 typedef crypto::ScopedOpenSSL<ASN1_TIME, ASN1_TIME_free>::Type ScopedASN1_TIME;
32 typedef crypto::ScopedOpenSSL<X509, X509_free>::Type ScopedX509;
33 typedef crypto::ScopedOpenSSL<X509_EXTENSION, X509_EXTENSION_free>::Type
34 ScopedX509_EXTENSION;
35 typedef crypto::ScopedOpenSSL<X509_NAME, X509_NAME_free>::Type ScopedX509_NAME;
36
37 const EVP_MD* ToEVP(x509_util::DigestAlgorithm alg) {
38 switch (alg) {
39 case x509_util::DIGEST_SHA1:
40 return EVP_sha1();
41 case x509_util::DIGEST_SHA256:
42 return EVP_sha256();
43 }
44 return NULL;
45 }
46
47 } // namespace
48
49 namespace x509_util {
50
51 namespace {
52
53 X509* CreateCertificate(EVP_PKEY* key,
54 DigestAlgorithm alg,
55 const std::string& common_name,
56 uint32_t serial_number,
57 base::Time not_valid_before,
58 base::Time not_valid_after) {
59 // Put the serial number into an OpenSSL-friendly object.
60 ScopedASN1_INTEGER asn1_serial(ASN1_INTEGER_new());
61 if (!asn1_serial.get() ||
62 !ASN1_INTEGER_set(asn1_serial.get(), static_cast<long>(serial_number))) {
63 LOG(ERROR) << "Invalid serial number " << serial_number;
64 return NULL;
65 }
66
67 // Do the same for the time stamps.
68 ScopedASN1_TIME asn1_not_before_time(
69 ASN1_TIME_set(NULL, not_valid_before.ToTimeT()));
70 if (!asn1_not_before_time.get()) {
71 LOG(ERROR) << "Invalid not_valid_before time: "
72 << not_valid_before.ToTimeT();
73 return NULL;
74 }
75
76 ScopedASN1_TIME asn1_not_after_time(
77 ASN1_TIME_set(NULL, not_valid_after.ToTimeT()));
78 if (!asn1_not_after_time.get()) {
79 LOG(ERROR) << "Invalid not_valid_after time: " << not_valid_after.ToTimeT();
80 return NULL;
81 }
82
83 // Because |common_name| only contains a common name and starts with 'CN=',
84 // there is no need for a full RFC 2253 parser here. Do some sanity checks
85 // though.
86 static const char kCommonNamePrefix[] = "CN=";
87 const size_t kCommonNamePrefixLen = sizeof(kCommonNamePrefix) - 1;
88 if (common_name.size() < kCommonNamePrefixLen ||
89 strncmp(common_name.c_str(), kCommonNamePrefix, kCommonNamePrefixLen)) {
90 LOG(ERROR) << "Common name must begin with " << kCommonNamePrefix;
91 return NULL;
92 }
93 if (common_name.size() > INT_MAX) {
94 LOG(ERROR) << "Common name too long";
95 return NULL;
96 }
97 unsigned char* common_name_str =
98 reinterpret_cast<unsigned char*>(const_cast<char*>(common_name.data())) +
99 kCommonNamePrefixLen;
100 int common_name_len =
101 static_cast<int>(common_name.size() - kCommonNamePrefixLen);
102
103 ScopedX509_NAME name(X509_NAME_new());
104 if (!name.get() || !X509_NAME_add_entry_by_NID(name.get(),
105 NID_commonName,
106 MBSTRING_ASC,
107 common_name_str,
108 common_name_len,
109 -1,
110 0)) {
111 LOG(ERROR) << "Can't parse common name: " << common_name.c_str();
112 return NULL;
113 }
114
115 // Now create certificate and populate it.
116 ScopedX509 cert(X509_new());
117 if (!cert.get() || !X509_set_version(cert.get(), 2L) /* i.e. version 3 */ ||
118 !X509_set_pubkey(cert.get(), key) ||
119 !X509_set_serialNumber(cert.get(), asn1_serial.get()) ||
120 !X509_set_notBefore(cert.get(), asn1_not_before_time.get()) ||
121 !X509_set_notAfter(cert.get(), asn1_not_after_time.get()) ||
122 !X509_set_subject_name(cert.get(), name.get()) ||
123 !X509_set_issuer_name(cert.get(), name.get())) {
124 LOG(ERROR) << "Could not create certificate";
125 return NULL;
126 }
127
128 return cert.release();
129 }
130
131 // DER-encodes |x509|. On success, returns true and writes the
132 // encoding to |*out_der|.
133 bool DerEncodeCert(X509* x509, std::string* out_der) {
134 int len = i2d_X509(x509, NULL);
135 if (len < 0)
136 return false;
137
138 uint8_t* ptr = reinterpret_cast<uint8_t*>(WriteInto(out_der, len + 1));
139 if (i2d_X509(x509, &ptr) < 0) {
140 NOTREACHED();
141 out_der->clear();
142 return false;
143 }
144 return true;
145 }
146
147 bool SignAndDerEncodeCert(X509* cert,
148 EVP_PKEY* key,
149 DigestAlgorithm alg,
150 std::string* der_encoded) {
151 // Get the message digest algorithm
152 const EVP_MD* md = ToEVP(alg);
153 if (!md) {
154 LOG(ERROR) << "Unrecognized hash algorithm.";
155 return false;
156 }
157
158 // Sign it with the private key.
159 if (!X509_sign(cert, key, md)) {
160 LOG(ERROR) << "Could not sign certificate with key.";
161 return false;
162 }
163
164 // Convert it into a DER-encoded string copied to |der_encoded|.
165 return DerEncodeCert(cert, der_encoded);
166 }
167
168 // There is no OpenSSL NID for the 'originBoundCertificate' extension OID yet,
169 // so create a global ASN1_OBJECT lazily with the right parameters.
170 class DomainBoundOid {
171 public:
172 DomainBoundOid() : obj_(OBJ_txt2obj(kDomainBoundOidText, 1)) { CHECK(obj_); }
173
174 ~DomainBoundOid() {
175 if (obj_)
176 ASN1_OBJECT_free(obj_);
177 }
178
179 ASN1_OBJECT* obj() const { return obj_; }
180
181 private:
182 static const char kDomainBoundOidText[];
183
184 ASN1_OBJECT* obj_;
185 };
186
187 // 1.3.6.1.4.1.11129.2.1.6
188 // (iso.org.dod.internet.private.enterprises.google.googleSecurity.
189 // certificateExtensions.originBoundCertificate)
190 const char DomainBoundOid::kDomainBoundOidText[] = "1.3.6.1.4.1.11129.2.1.6";
191
192 ASN1_OBJECT* GetDomainBoundOid() {
193 static base::LazyInstance<DomainBoundOid>::Leaky s_lazy =
194 LAZY_INSTANCE_INITIALIZER;
195 return s_lazy.Get().obj();
196 }
197
198
199 struct DERCache {
200 std::string data;
201 };
202
203 void DERCache_free(void* parent, void* ptr, CRYPTO_EX_DATA* ad, int idx,
204 long argl, void* argp) {
205 DERCache* der_cache = static_cast<DERCache*>(ptr);
206 delete der_cache;
207 }
208
209 class DERCacheInitSingleton {
210 public:
211 DERCacheInitSingleton() {
212 crypto::EnsureOpenSSLInit();
213 der_cache_ex_index_ = X509_get_ex_new_index(0, 0, 0, 0, DERCache_free);
214 DCHECK_NE(-1, der_cache_ex_index_);
215 }
216
217 int der_cache_ex_index() const { return der_cache_ex_index_; }
218
219 private:
220 int der_cache_ex_index_;
221
222 DISALLOW_COPY_AND_ASSIGN(DERCacheInitSingleton);
223 };
224
225 base::LazyInstance<DERCacheInitSingleton>::Leaky g_der_cache_singleton =
226 LAZY_INSTANCE_INITIALIZER;
227
228 } // namespace
229
230 bool IsSupportedValidityRange(base::Time not_valid_before,
231 base::Time not_valid_after) {
232 if (not_valid_before > not_valid_after)
233 return false;
234
235 // The validity field of a certificate can only encode years 1-9999.
236
237 // Compute the base::Time values corresponding to Jan 1st,0001 and
238 // Jan 1st, 10000 respectively. Done by using the pre-computed numbers
239 // of days between these dates and the Unix epoch, i.e. Jan 1st, 1970,
240 // using the following Python script:
241 //
242 // from datetime import date as D
243 // print (D(1970,1,1)-D(1,1,1)) # -> 719162 days
244 // print (D(9999,12,31)-D(1970,1,1)) # -> 2932896 days
245 //
246 // Note: This ignores leap seconds, but should be enough in practice.
247 //
248 const int64 kDaysFromYear0001ToUnixEpoch = 719162;
249 const int64 kDaysFromUnixEpochToYear10000 = 2932896 + 1;
250 const base::Time kEpoch = base::Time::UnixEpoch();
251 const base::Time kYear0001 = kEpoch -
252 base::TimeDelta::FromDays(kDaysFromYear0001ToUnixEpoch);
253 const base::Time kYear10000 = kEpoch +
254 base::TimeDelta::FromDays(kDaysFromUnixEpochToYear10000);
255
256 if (not_valid_before < kYear0001 || not_valid_before >= kYear10000 ||
257 not_valid_after < kYear0001 || not_valid_after >= kYear10000)
258 return false;
259
260 return true;
261 }
262
263 bool CreateChannelIDEC(
264 crypto::ECPrivateKey* key,
265 DigestAlgorithm alg,
266 const std::string& domain,
267 uint32 serial_number,
268 base::Time not_valid_before,
269 base::Time not_valid_after,
270 std::string* der_cert) {
271 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
272 // Create certificate.
273 ScopedX509 cert(CreateCertificate(key->key(),
274 alg,
275 "CN=anonymous.invalid",
276 serial_number,
277 not_valid_before,
278 not_valid_after));
279 if (!cert.get())
280 return false;
281
282 // Add TLS-Channel-ID extension to the certificate before signing it.
283 // The value must be stored DER-encoded, as a ASN.1 IA5String.
284 ScopedASN1_STRING domain_ia5(ASN1_IA5STRING_new());
285 if (!domain_ia5.get() ||
286 !ASN1_STRING_set(domain_ia5.get(), domain.data(), domain.size()))
287 return false;
288
289 std::string domain_der;
290 int domain_der_len = i2d_ASN1_IA5STRING(domain_ia5.get(), NULL);
291 if (domain_der_len < 0)
292 return false;
293
294 domain_der.resize(domain_der_len);
295 unsigned char* domain_der_data =
296 reinterpret_cast<unsigned char*>(&domain_der[0]);
297 if (i2d_ASN1_IA5STRING(domain_ia5.get(), &domain_der_data) < 0)
298 return false;
299
300 ScopedASN1_OCTET_STRING domain_str(ASN1_OCTET_STRING_new());
301 if (!domain_str.get() ||
302 !ASN1_STRING_set(domain_str.get(), domain_der.data(), domain_der.size()))
303 return false;
304
305 ScopedX509_EXTENSION ext(X509_EXTENSION_create_by_OBJ(
306 NULL, GetDomainBoundOid(), 1 /* critical */, domain_str.get()));
307 if (!ext.get() || !X509_add_ext(cert.get(), ext.get(), -1)) {
308 return false;
309 }
310
311 // Sign and encode it.
312 return SignAndDerEncodeCert(cert.get(), key->key(), alg, der_cert);
313 }
314
315 bool CreateSelfSignedCert(crypto::RSAPrivateKey* key,
316 DigestAlgorithm alg,
317 const std::string& common_name,
318 uint32 serial_number,
319 base::Time not_valid_before,
320 base::Time not_valid_after,
321 std::string* der_encoded) {
322 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
323 ScopedX509 cert(CreateCertificate(key->key(),
324 alg,
325 common_name,
326 serial_number,
327 not_valid_before,
328 not_valid_after));
329 if (!cert.get())
330 return false;
331
332 return SignAndDerEncodeCert(cert.get(), key->key(), alg, der_encoded);
333 }
334
335 bool ParsePrincipalKeyAndValue(X509_NAME_ENTRY* entry,
336 std::string* key,
337 std::string* value) {
338 if (key) {
339 ASN1_OBJECT* object = X509_NAME_ENTRY_get_object(entry);
340 key->assign(OBJ_nid2sn(OBJ_obj2nid(object)));
341 }
342
343 ASN1_STRING* data = X509_NAME_ENTRY_get_data(entry);
344 if (!data)
345 return false;
346
347 unsigned char* buf = NULL;
348 int len = ASN1_STRING_to_UTF8(&buf, data);
349 if (len <= 0)
350 return false;
351
352 value->assign(reinterpret_cast<const char*>(buf), len);
353 OPENSSL_free(buf);
354 return true;
355 }
356
357 bool ParsePrincipalKeyAndValueByIndex(X509_NAME* name,
358 int index,
359 std::string* key,
360 std::string* value) {
361 X509_NAME_ENTRY* entry = X509_NAME_get_entry(name, index);
362 if (!entry)
363 return false;
364
365 return ParsePrincipalKeyAndValue(entry, key, value);
366 }
367
368 bool ParsePrincipalValueByIndex(X509_NAME* name,
369 int index,
370 std::string* value) {
371 return ParsePrincipalKeyAndValueByIndex(name, index, NULL, value);
372 }
373
374 bool ParsePrincipalValueByNID(X509_NAME* name, int nid, std::string* value) {
375 int index = X509_NAME_get_index_by_NID(name, nid, -1);
376 if (index < 0)
377 return false;
378
379 return ParsePrincipalValueByIndex(name, index, value);
380 }
381
382 bool ParseDate(ASN1_TIME* x509_time, base::Time* time) {
383 if (!x509_time ||
384 (x509_time->type != V_ASN1_UTCTIME &&
385 x509_time->type != V_ASN1_GENERALIZEDTIME))
386 return false;
387
388 base::StringPiece str_date(reinterpret_cast<const char*>(x509_time->data),
389 x509_time->length);
390
391 CertDateFormat format = x509_time->type == V_ASN1_UTCTIME ?
392 CERT_DATE_FORMAT_UTC_TIME : CERT_DATE_FORMAT_GENERALIZED_TIME;
393 return ParseCertificateDate(str_date, format, time);
394 }
395
396 // Returns true if |der_cache| points to valid data, false otherwise.
397 // (note: the DER-encoded data in |der_cache| is owned by |cert|, callers should
398 // not free it).
399 bool GetDER(X509* x509, base::StringPiece* der_cache) {
400 int x509_der_cache_index =
401 g_der_cache_singleton.Get().der_cache_ex_index();
402
403 // Re-encoding the DER data via i2d_X509 is an expensive operation,
404 // but it's necessary for comparing two certificates. Re-encode at
405 // most once per certificate and cache the data within the X509 cert
406 // using X509_set_ex_data.
407 DERCache* internal_cache = static_cast<DERCache*>(
408 X509_get_ex_data(x509, x509_der_cache_index));
409 if (!internal_cache) {
410 scoped_ptr<DERCache> new_cache(new DERCache);
411 if (!DerEncodeCert(x509, &new_cache->data))
412 return false;
413 internal_cache = new_cache.get();
414 X509_set_ex_data(x509, x509_der_cache_index, new_cache.release());
415 }
416 *der_cache = base::StringPiece(internal_cache->data);
417 return true;
418 }
419
420 } // namespace x509_util
421
422 } // namespace net