// Copyright (c) 2012 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifndef NET_CERT_X509_CERTIFICATE_H_ #define NET_CERT_X509_CERTIFICATE_H_ #include <string.h> #include <string> #include <vector> #include "base/gtest_prod_util.h" #include "base/memory/ref_counted.h" #include "base/strings/string_piece.h" #include "base/time/time.h" #include "net/base/net_export.h" #include "net/cert/cert_type.h" #include "net/cert/x509_cert_types.h" #if defined(OS_WIN) #include <windows.h> #include <wincrypt.h> #elif defined(OS_MACOSX) #include <CoreFoundation/CFArray.h> #include <Security/SecBase.h> #elif defined(USE_OPENSSL_CERTS) // Forward declaration; real one in <x509.h> typedef struct x509_st X509; typedef struct x509_store_st X509_STORE; #elif defined(USE_NSS) // Forward declaration; real one in <cert.h> struct CERTCertificateStr; #endif class Pickle; class PickleIterator; namespace net { class CRLSet; class CertVerifyResult; typedef std::vector<scoped_refptr<X509Certificate> > CertificateList; // X509Certificate represents a X.509 certificate, which is comprised a // particular identity or end-entity certificate, such as an SSL server // identity or an SSL client certificate, and zero or more intermediate // certificates that may be used to build a path to a root certificate. class NET_EXPORT X509Certificate : public base::RefCountedThreadSafe<X509Certificate> { public: // An OSCertHandle is a handle to a certificate object in the underlying // crypto library. We assume that OSCertHandle is a pointer type on all // platforms and that NULL represents an invalid OSCertHandle. #if defined(OS_WIN) typedef PCCERT_CONTEXT OSCertHandle; #elif defined(OS_MACOSX) typedef SecCertificateRef OSCertHandle; #elif defined(USE_OPENSSL_CERTS) typedef X509* OSCertHandle; #elif defined(USE_NSS) typedef struct CERTCertificateStr* OSCertHandle; #else // TODO(ericroman): not implemented typedef void* OSCertHandle; #endif typedef std::vector<OSCertHandle> OSCertHandles; enum PublicKeyType { kPublicKeyTypeUnknown, kPublicKeyTypeRSA, kPublicKeyTypeDSA, kPublicKeyTypeECDSA, kPublicKeyTypeDH, kPublicKeyTypeECDH }; // Predicate functor used in maps when X509Certificate is used as the key. class NET_EXPORT LessThan { public: bool operator()(const scoped_refptr<X509Certificate>& lhs, const scoped_refptr<X509Certificate>& rhs) const; }; enum Format { // The data contains a single DER-encoded certificate, or a PEM-encoded // DER certificate with the PEM encoding block name of "CERTIFICATE". // Any subsequent blocks will be ignored. FORMAT_SINGLE_CERTIFICATE = 1 << 0, // The data contains a sequence of one or more PEM-encoded, DER // certificates, with the PEM encoding block name of "CERTIFICATE". // All PEM blocks will be parsed, until the first error is encountered. FORMAT_PEM_CERT_SEQUENCE = 1 << 1, // The data contains a PKCS#7 SignedData structure, whose certificates // member is to be used to initialize the certificate and intermediates. // The data may further be encoded using PEM, specifying block names of // either "PKCS7" or "CERTIFICATE". FORMAT_PKCS7 = 1 << 2, // Automatically detect the format. FORMAT_AUTO = FORMAT_SINGLE_CERTIFICATE | FORMAT_PEM_CERT_SEQUENCE | FORMAT_PKCS7, }; // PickleType is intended for deserializing certificates that were pickled // by previous releases as part of a net::HttpResponseInfo. // When serializing certificates to a new Pickle, // PICKLETYPE_CERTIFICATE_CHAIN_V3 is always used. enum PickleType { // When reading a certificate from a Pickle, the Pickle only contains a // single certificate. PICKLETYPE_SINGLE_CERTIFICATE, // When reading a certificate from a Pickle, the Pickle contains the // the certificate plus any certificates that were stored in // |intermediate_ca_certificates_| at the time it was serialized. // The count of certificates is stored as a size_t, which is either 32 // or 64 bits. PICKLETYPE_CERTIFICATE_CHAIN_V2, // The Pickle contains the certificate and any certificates that were // stored in |intermediate_ca_certs_| at the time it was serialized. // The format is [int count], [data - this certificate], // [data - intermediate1], ... [data - intermediateN]. // All certificates are stored in DER form. PICKLETYPE_CERTIFICATE_CHAIN_V3, }; // Creates a X509Certificate from the ground up. Used by tests that simulate // SSL connections. X509Certificate(const std::string& subject, const std::string& issuer, base::Time start_date, base::Time expiration_date); // Create an X509Certificate from a handle to the certificate object in the // underlying crypto library. The returned pointer must be stored in a // scoped_refptr<X509Certificate>. static X509Certificate* CreateFromHandle(OSCertHandle cert_handle, const OSCertHandles& intermediates); // Create an X509Certificate from a chain of DER encoded certificates. The // first certificate in the chain is the end-entity certificate to which a // handle is returned. The other certificates in the chain are intermediate // certificates. The returned pointer must be stored in a // scoped_refptr<X509Certificate>. static X509Certificate* CreateFromDERCertChain( const std::vector<base::StringPiece>& der_certs); // Create an X509Certificate from the DER-encoded representation. // Returns NULL on failure. // // The returned pointer must be stored in a scoped_refptr<X509Certificate>. static X509Certificate* CreateFromBytes(const char* data, int length); #if defined(USE_NSS) // Create an X509Certificate from the DER-encoded representation. // |nickname| can be NULL if an auto-generated nickname is desired. // Returns NULL on failure. The returned pointer must be stored in a // scoped_refptr<X509Certificate>. // // This function differs from CreateFromBytes in that it takes a // nickname that will be used when the certificate is imported into PKCS#11. static X509Certificate* CreateFromBytesWithNickname(const char* data, int length, const char* nickname); // The default nickname of the certificate, based on the certificate type // passed in. If this object was created using CreateFromBytesWithNickname, // then this will return the nickname specified upon creation. std::string GetDefaultNickname(CertType type) const; #endif // Create an X509Certificate from the representation stored in the given // pickle. The data for this object is found relative to the given // pickle_iter, which should be passed to the pickle's various Read* methods. // Returns NULL on failure. // // The returned pointer must be stored in a scoped_refptr<X509Certificate>. static X509Certificate* CreateFromPickle(const Pickle& pickle, PickleIterator* pickle_iter, PickleType type); // Parses all of the certificates possible from |data|. |format| is a // bit-wise OR of Format, indicating the possible formats the // certificates may have been serialized as. If an error occurs, an empty // collection will be returned. static CertificateList CreateCertificateListFromBytes(const char* data, int length, int format); // Appends a representation of this object to the given pickle. void Persist(Pickle* pickle); // The serial number, DER encoded, possibly including a leading 00 byte. const std::string& serial_number() const { return serial_number_; } // The subject of the certificate. For HTTPS server certificates, this // represents the web server. The common name of the subject should match // the host name of the web server. const CertPrincipal& subject() const { return subject_; } // The issuer of the certificate. const CertPrincipal& issuer() const { return issuer_; } // Time period during which the certificate is valid. More precisely, this // certificate is invalid before the |valid_start| date and invalid after // the |valid_expiry| date. // If we were unable to parse either date from the certificate (or if the cert // lacks either date), the date will be null (i.e., is_null() will be true). const base::Time& valid_start() const { return valid_start_; } const base::Time& valid_expiry() const { return valid_expiry_; } // The fingerprint of this certificate. const SHA1HashValue& fingerprint() const { return fingerprint_; } // The fingerprint of the intermediate CA certificates. const SHA1HashValue& ca_fingerprint() const { return ca_fingerprint_; } // Gets the DNS names in the certificate. Pursuant to RFC 2818, Section 3.1 // Server Identity, if the certificate has a subjectAltName extension of // type dNSName, this method gets the DNS names in that extension. // Otherwise, it gets the common name in the subject field. void GetDNSNames(std::vector<std::string>* dns_names) const; // Gets the subjectAltName extension field from the certificate, if any. // For future extension; currently this only returns those name types that // are required for HTTP certificate name verification - see VerifyHostname. // Unrequired parameters may be passed as NULL. void GetSubjectAltName(std::vector<std::string>* dns_names, std::vector<std::string>* ip_addrs) const; // Convenience method that returns whether this certificate has expired as of // now. bool HasExpired() const; // Returns true if this object and |other| represent the same certificate. bool Equals(const X509Certificate* other) const; // Returns intermediate certificates added via AddIntermediateCertificate(). // Ownership follows the "get" rule: it is the caller's responsibility to // retain the elements of the result. const OSCertHandles& GetIntermediateCertificates() const { return intermediate_ca_certs_; } #if defined(OS_MACOSX) // Does this certificate's usage allow SSL client authentication? bool SupportsSSLClientAuth() const; // Returns a new CFArrayRef containing this certificate and its intermediate // certificates in the form expected by Security.framework and Keychain // Services, or NULL on failure. // The first item in the array will be this certificate, followed by its // intermediates, if any. CFArrayRef CreateOSCertChainForCert() const; #endif // Do any of the given issuer names appear in this cert's chain of trust? // |valid_issuers| is a list of DER-encoded X.509 DistinguishedNames. bool IsIssuedByEncoded(const std::vector<std::string>& valid_issuers); #if defined(OS_WIN) // Returns a new PCCERT_CONTEXT containing this certificate and its // intermediate certificates, or NULL on failure. The returned // PCCERT_CONTEXT *MUST NOT* be stored in an X509Certificate, as this will // cause os_cert_handle() to return incorrect results. This function is only // necessary if the CERT_CONTEXT.hCertStore member will be accessed or // enumerated, which is generally true for any CryptoAPI functions involving // certificate chains, including validation or certificate display. // // Remarks: // Depending on the CryptoAPI function, Windows may need to access the // HCERTSTORE that the passed-in PCCERT_CONTEXT belongs to, such as to // locate additional intermediates. However, all certificate handles are added // to a NULL HCERTSTORE, allowing the system to manage the resources. As a // result, intermediates for |cert_handle_| cannot be located simply via // |cert_handle_->hCertStore|, as it refers to a magic value indicating // "only this certificate". // // To avoid this problems, a new in-memory HCERTSTORE is created containing // just this certificate and its intermediates. The handle to the version of // the current certificate in the new HCERTSTORE is then returned, with the // PCCERT_CONTEXT's HCERTSTORE set to be automatically freed when the returned // certificate handle is freed. // // This function is only needed when the HCERTSTORE of the os_cert_handle() // will be accessed, which is generally only during certificate validation // or display. While the returned PCCERT_CONTEXT and its HCERTSTORE can // safely be used on multiple threads if no further modifications happen, it // is generally preferable for each thread that needs such a context to // obtain its own, rather than risk thread-safety issues by sharing. // // Because of how X509Certificate caching is implemented, attempting to // create an X509Certificate from the returned PCCERT_CONTEXT may result in // the original handle (and thus the originall HCERTSTORE) being returned by // os_cert_handle(). For this reason, the returned PCCERT_CONTEXT *MUST NOT* // be stored in an X509Certificate. PCCERT_CONTEXT CreateOSCertChainForCert() const; #endif #if defined(USE_OPENSSL_CERTS) // Returns a handle to a global, in-memory certificate store. We // use it for test code, e.g. importing the test server's certificate. static X509_STORE* cert_store(); #endif // Verifies that |hostname| matches this certificate. // Does not verify that the certificate is valid, only that the certificate // matches this host. // Returns true if it matches, and updates |*common_name_fallback_used|, // setting it to true if a fallback to the CN was used, rather than // subjectAltName. bool VerifyNameMatch(const std::string& hostname, bool* common_name_fallback_used) const; // Obtains the DER encoded certificate data for |cert_handle|. On success, // returns true and writes the DER encoded certificate to |*der_encoded|. static bool GetDEREncoded(OSCertHandle cert_handle, std::string* der_encoded); // Returns the PEM encoded data from a DER encoded certificate. If the return // value is true, then the PEM encoded certificate is written to // |pem_encoded|. static bool GetPEMEncodedFromDER(const std::string& der_encoded, std::string* pem_encoded); // Returns the PEM encoded data from an OSCertHandle. If the return value is // true, then the PEM encoded certificate is written to |pem_encoded|. static bool GetPEMEncoded(OSCertHandle cert_handle, std::string* pem_encoded); // Encodes the entire certificate chain (this certificate and any // intermediate certificates stored in |intermediate_ca_certs_|) as a series // of PEM encoded strings. Returns true if all certificates were encoded, // storig the result in |*pem_encoded|, with this certificate stored as // the first element. bool GetPEMEncodedChain(std::vector<std::string>* pem_encoded) const; // Sets |*size_bits| to be the length of the public key in bits, and sets // |*type| to one of the |PublicKeyType| values. In case of // |kPublicKeyTypeUnknown|, |*size_bits| will be set to 0. static void GetPublicKeyInfo(OSCertHandle cert_handle, size_t* size_bits, PublicKeyType* type); // Returns the OSCertHandle of this object. Because of caching, this may // differ from the OSCertHandle originally supplied during initialization. // Note: On Windows, CryptoAPI may return unexpected results if this handle // is used across multiple threads. For more details, see // CreateOSCertChainForCert(). OSCertHandle os_cert_handle() const { return cert_handle_; } // Returns true if two OSCertHandles refer to identical certificates. static bool IsSameOSCert(OSCertHandle a, OSCertHandle b); // Creates an OS certificate handle from the DER-encoded representation. // Returns NULL on failure. static OSCertHandle CreateOSCertHandleFromBytes(const char* data, int length); #if defined(USE_NSS) // Creates an OS certificate handle from the DER-encoded representation. // Returns NULL on failure. Sets the default nickname if |nickname| is // non-NULL. static OSCertHandle CreateOSCertHandleFromBytesWithNickname( const char* data, int length, const char* nickname); #endif // Creates all possible OS certificate handles from |data| encoded in a // specific |format|. Returns an empty collection on failure. static OSCertHandles CreateOSCertHandlesFromBytes( const char* data, int length, Format format); // Duplicates (or adds a reference to) an OS certificate handle. static OSCertHandle DupOSCertHandle(OSCertHandle cert_handle); // Frees (or releases a reference to) an OS certificate handle. static void FreeOSCertHandle(OSCertHandle cert_handle); // Calculates the SHA-1 fingerprint of the certificate. Returns an empty // (all zero) fingerprint on failure. // // For calculating fingerprints, prefer SHA-1 for performance when indexing, // but callers should use IsSameOSCert() before assuming two certificates are // the same. static SHA1HashValue CalculateFingerprint(OSCertHandle cert_handle); // Calculates the SHA-1 fingerprint of the intermediate CA certificates. // Returns an empty (all zero) fingerprint on failure. // // See SHA-1 caveat on CalculateFingerprint(). static SHA1HashValue CalculateCAFingerprint( const OSCertHandles& intermediates); // Calculates the SHA-256 fingerprint of the intermediate CA certificates. // Returns an empty (all zero) fingerprint on failure. // // As part of the cross-platform implementation of this function, it currently // copies the certificate bytes into local variables which makes it // potentially slower than implementing it directly for each platform. For // now, the expected consumers are not performance critical, but if // performance is a concern going forward, it may warrant implementing this on // a per-platform basis. static SHA256HashValue CalculateCAFingerprint256( const OSCertHandles& intermediates); // Calculates the SHA-256 fingerprint for the complete chain, including the // leaf certificate and all intermediate CA certificates. Returns an empty // (all zero) fingerprint on failure. static SHA256HashValue CalculateChainFingerprint256( OSCertHandle leaf, const OSCertHandles& intermediates); private: friend class base::RefCountedThreadSafe<X509Certificate>; friend class TestRootCerts; // For unit tests FRIEND_TEST_ALL_PREFIXES(X509CertificateNameVerifyTest, VerifyHostname); FRIEND_TEST_ALL_PREFIXES(X509CertificateTest, SerialNumbers); // Construct an X509Certificate from a handle to the certificate object // in the underlying crypto library. X509Certificate(OSCertHandle cert_handle, const OSCertHandles& intermediates); ~X509Certificate(); // Common object initialization code. Called by the constructors only. void Initialize(); #if defined(USE_OPENSSL_CERTS) // Resets the store returned by cert_store() to default state. Used by // TestRootCerts to undo modifications. static void ResetCertStore(); #endif // Verifies that |hostname| matches one of the certificate names or IP // addresses supplied, based on TLS name matching rules - specifically, // following http://tools.ietf.org/html/rfc6125. // |cert_common_name| is the Subject CN, e.g. from X509Certificate::subject(). // The members of |cert_san_dns_names| and |cert_san_ipaddrs| must be filled // from the dNSName and iPAddress components of the subject alternative name // extension, if present. Note these IP addresses are NOT ascii-encoded: // they must be 4 or 16 bytes of network-ordered data, for IPv4 and IPv6 // addresses, respectively. // |common_name_fallback_used| will be updated to true if cert_common_name // was used to match the hostname, or false if either of the |cert_san_*| // parameters was used to match the hostname. static bool VerifyHostname(const std::string& hostname, const std::string& cert_common_name, const std::vector<std::string>& cert_san_dns_names, const std::vector<std::string>& cert_san_ip_addrs, bool* common_name_fallback_used); // Reads a single certificate from |pickle_iter| and returns a // platform-specific certificate handle. The format of the certificate // stored in |pickle_iter| is not guaranteed to be the same across different // underlying cryptographic libraries, nor acceptable to CreateFromBytes(). // Returns an invalid handle, NULL, on failure. // NOTE: This should not be used for any new code. It is provided for // migration purposes and should eventually be removed. static OSCertHandle ReadOSCertHandleFromPickle(PickleIterator* pickle_iter); // Writes a single certificate to |pickle| in DER form. Returns false on // failure. static bool WriteOSCertHandleToPickle(OSCertHandle handle, Pickle* pickle); // The subject of the certificate. CertPrincipal subject_; // The issuer of the certificate. CertPrincipal issuer_; // This certificate is not valid before |valid_start_| base::Time valid_start_; // This certificate is not valid after |valid_expiry_| base::Time valid_expiry_; // The fingerprint of this certificate. SHA1HashValue fingerprint_; // The fingerprint of the intermediate CA certificates. SHA1HashValue ca_fingerprint_; // The serial number of this certificate, DER encoded. std::string serial_number_; // A handle to the certificate object in the underlying crypto library. OSCertHandle cert_handle_; // Untrusted intermediate certificates associated with this certificate // that may be needed for chain building. OSCertHandles intermediate_ca_certs_; #if defined(USE_NSS) // This stores any default nickname that has been set on the certificate // at creation time with CreateFromBytesWithNickname. // If this is empty, then GetDefaultNickname will return a generated name // based on the type of the certificate. std::string default_nickname_; #endif DISALLOW_COPY_AND_ASSIGN(X509Certificate); }; } // namespace net #endif // NET_CERT_X509_CERTIFICATE_H_