Brent Austin | ba3052e | 2015-04-21 16:08:23 -0700 | [diff] [blame] | 1 | // Copyright 2011 The Go Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style |
| 3 | // license that can be found in the LICENSE file. |
| 4 | |
| 5 | package x509 |
| 6 | |
Dan Willemsen | b57d852 | 2017-01-19 15:07:53 -0800 | [diff] [blame] | 7 | import ( |
Colin Cross | 1f80552 | 2021-05-14 11:10:59 -0700 | [diff] [blame] | 8 | "bytes" |
| 9 | "crypto/sha256" |
Dan Willemsen | b57d852 | 2017-01-19 15:07:53 -0800 | [diff] [blame] | 10 | "encoding/pem" |
Colin Cross | 1f80552 | 2021-05-14 11:10:59 -0700 | [diff] [blame] | 11 | "sync" |
Dan Willemsen | b57d852 | 2017-01-19 15:07:53 -0800 | [diff] [blame] | 12 | ) |
Brent Austin | ba3052e | 2015-04-21 16:08:23 -0700 | [diff] [blame] | 13 | |
Colin Cross | 1f80552 | 2021-05-14 11:10:59 -0700 | [diff] [blame] | 14 | type sum224 [sha256.Size224]byte |
| 15 | |
Brent Austin | ba3052e | 2015-04-21 16:08:23 -0700 | [diff] [blame] | 16 | // CertPool is a set of certificates. |
| 17 | type CertPool struct { |
Colin Cross | 1f80552 | 2021-05-14 11:10:59 -0700 | [diff] [blame] | 18 | byName map[string][]int // cert.RawSubject => index into lazyCerts |
| 19 | |
| 20 | // lazyCerts contains funcs that return a certificate, |
| 21 | // lazily parsing/decompressing it as needed. |
| 22 | lazyCerts []lazyCert |
| 23 | |
| 24 | // haveSum maps from sum224(cert.Raw) to true. It's used only |
| 25 | // for AddCert duplicate detection, to avoid CertPool.contains |
| 26 | // calls in the AddCert path (because the contains method can |
| 27 | // call getCert and otherwise negate savings from lazy getCert |
| 28 | // funcs). |
| 29 | haveSum map[sum224]bool |
Dan Willemsen | bc60c3c | 2021-12-15 01:09:00 -0800 | [diff] [blame] | 30 | |
| 31 | // systemPool indicates whether this is a special pool derived from the |
| 32 | // system roots. If it includes additional roots, it requires doing two |
| 33 | // verifications, one using the roots provided by the caller, and one using |
| 34 | // the system platform verifier. |
| 35 | systemPool bool |
Colin Cross | 1f80552 | 2021-05-14 11:10:59 -0700 | [diff] [blame] | 36 | } |
| 37 | |
| 38 | // lazyCert is minimal metadata about a Cert and a func to retrieve it |
| 39 | // in its normal expanded *Certificate form. |
| 40 | type lazyCert struct { |
| 41 | // rawSubject is the Certificate.RawSubject value. |
| 42 | // It's the same as the CertPool.byName key, but in []byte |
| 43 | // form to make CertPool.Subjects (as used by crypto/tls) do |
| 44 | // fewer allocations. |
| 45 | rawSubject []byte |
| 46 | |
| 47 | // getCert returns the certificate. |
| 48 | // |
| 49 | // It is not meant to do network operations or anything else |
| 50 | // where a failure is likely; the func is meant to lazily |
| 51 | // parse/decompress data that is already known to be good. The |
| 52 | // error in the signature primarily is meant for use in the |
| 53 | // case where a cert file existed on local disk when the program |
| 54 | // started up is deleted later before it's read. |
| 55 | getCert func() (*Certificate, error) |
Brent Austin | ba3052e | 2015-04-21 16:08:23 -0700 | [diff] [blame] | 56 | } |
| 57 | |
| 58 | // NewCertPool returns a new, empty CertPool. |
| 59 | func NewCertPool() *CertPool { |
| 60 | return &CertPool{ |
Colin Cross | 1f80552 | 2021-05-14 11:10:59 -0700 | [diff] [blame] | 61 | byName: make(map[string][]int), |
| 62 | haveSum: make(map[sum224]bool), |
Brent Austin | ba3052e | 2015-04-21 16:08:23 -0700 | [diff] [blame] | 63 | } |
| 64 | } |
| 65 | |
Colin Cross | 1f80552 | 2021-05-14 11:10:59 -0700 | [diff] [blame] | 66 | // len returns the number of certs in the set. |
| 67 | // A nil set is a valid empty set. |
| 68 | func (s *CertPool) len() int { |
| 69 | if s == nil { |
| 70 | return 0 |
| 71 | } |
| 72 | return len(s.lazyCerts) |
| 73 | } |
| 74 | |
| 75 | // cert returns cert index n in s. |
| 76 | func (s *CertPool) cert(n int) (*Certificate, error) { |
| 77 | return s.lazyCerts[n].getCert() |
| 78 | } |
| 79 | |
Dan Willemsen | c741332 | 2018-08-27 23:21:26 -0700 | [diff] [blame] | 80 | func (s *CertPool) copy() *CertPool { |
| 81 | p := &CertPool{ |
Dan Willemsen | bc60c3c | 2021-12-15 01:09:00 -0800 | [diff] [blame] | 82 | byName: make(map[string][]int, len(s.byName)), |
| 83 | lazyCerts: make([]lazyCert, len(s.lazyCerts)), |
| 84 | haveSum: make(map[sum224]bool, len(s.haveSum)), |
| 85 | systemPool: s.systemPool, |
Dan Willemsen | c741332 | 2018-08-27 23:21:26 -0700 | [diff] [blame] | 86 | } |
| 87 | for k, v := range s.byName { |
| 88 | indexes := make([]int, len(v)) |
| 89 | copy(indexes, v) |
| 90 | p.byName[k] = indexes |
| 91 | } |
Colin Cross | 1f80552 | 2021-05-14 11:10:59 -0700 | [diff] [blame] | 92 | for k := range s.haveSum { |
| 93 | p.haveSum[k] = true |
| 94 | } |
| 95 | copy(p.lazyCerts, s.lazyCerts) |
Dan Willemsen | c741332 | 2018-08-27 23:21:26 -0700 | [diff] [blame] | 96 | return p |
| 97 | } |
| 98 | |
Dan Willemsen | 38f2dba | 2016-07-08 14:54:35 -0700 | [diff] [blame] | 99 | // SystemCertPool returns a copy of the system cert pool. |
| 100 | // |
Patrice Arruda | 4fc930d | 2020-08-03 23:20:51 +0000 | [diff] [blame] | 101 | // On Unix systems other than macOS the environment variables SSL_CERT_FILE and |
| 102 | // SSL_CERT_DIR can be used to override the system default locations for the SSL |
| 103 | // certificate file and SSL certificate files directory, respectively. The |
| 104 | // latter can be a colon-separated list. |
Dan Willemsen | c741332 | 2018-08-27 23:21:26 -0700 | [diff] [blame] | 105 | // |
Patrice Arruda | 4fc930d | 2020-08-03 23:20:51 +0000 | [diff] [blame] | 106 | // Any mutations to the returned pool are not written to disk and do not affect |
| 107 | // any other pool returned by SystemCertPool. |
| 108 | // |
| 109 | // New changes in the system cert pool might not be reflected in subsequent calls. |
Dan Willemsen | 38f2dba | 2016-07-08 14:54:35 -0700 | [diff] [blame] | 110 | func SystemCertPool() (*CertPool, error) { |
Dan Willemsen | c741332 | 2018-08-27 23:21:26 -0700 | [diff] [blame] | 111 | if sysRoots := systemRootsPool(); sysRoots != nil { |
| 112 | return sysRoots.copy(), nil |
| 113 | } |
| 114 | |
Dan Willemsen | 38f2dba | 2016-07-08 14:54:35 -0700 | [diff] [blame] | 115 | return loadSystemRoots() |
| 116 | } |
| 117 | |
Colin Cross | d9c6b80 | 2019-03-19 21:10:31 -0700 | [diff] [blame] | 118 | // findPotentialParents returns the indexes of certificates in s which might |
Colin Cross | 1f80552 | 2021-05-14 11:10:59 -0700 | [diff] [blame] | 119 | // have signed cert. |
| 120 | func (s *CertPool) findPotentialParents(cert *Certificate) []*Certificate { |
Brent Austin | ba3052e | 2015-04-21 16:08:23 -0700 | [diff] [blame] | 121 | if s == nil { |
Colin Cross | d9c6b80 | 2019-03-19 21:10:31 -0700 | [diff] [blame] | 122 | return nil |
Brent Austin | ba3052e | 2015-04-21 16:08:23 -0700 | [diff] [blame] | 123 | } |
Brent Austin | ba3052e | 2015-04-21 16:08:23 -0700 | [diff] [blame] | 124 | |
Colin Cross | 1f80552 | 2021-05-14 11:10:59 -0700 | [diff] [blame] | 125 | // consider all candidates where cert.Issuer matches cert.Subject. |
| 126 | // when picking possible candidates the list is built in the order |
| 127 | // of match plausibility as to save cycles in buildChains: |
| 128 | // AKID and SKID match |
| 129 | // AKID present, SKID missing / AKID missing, SKID present |
| 130 | // AKID and SKID don't match |
| 131 | var matchingKeyID, oneKeyID, mismatchKeyID []*Certificate |
| 132 | for _, c := range s.byName[string(cert.RawIssuer)] { |
| 133 | candidate, err := s.cert(c) |
| 134 | if err != nil { |
| 135 | continue |
| 136 | } |
| 137 | kidMatch := bytes.Equal(candidate.SubjectKeyId, cert.AuthorityKeyId) |
| 138 | switch { |
| 139 | case kidMatch: |
| 140 | matchingKeyID = append(matchingKeyID, candidate) |
| 141 | case (len(candidate.SubjectKeyId) == 0 && len(cert.AuthorityKeyId) > 0) || |
| 142 | (len(candidate.SubjectKeyId) > 0 && len(cert.AuthorityKeyId) == 0): |
| 143 | oneKeyID = append(oneKeyID, candidate) |
| 144 | default: |
| 145 | mismatchKeyID = append(mismatchKeyID, candidate) |
| 146 | } |
Brent Austin | ba3052e | 2015-04-21 16:08:23 -0700 | [diff] [blame] | 147 | } |
Colin Cross | 1f80552 | 2021-05-14 11:10:59 -0700 | [diff] [blame] | 148 | |
| 149 | found := len(matchingKeyID) + len(oneKeyID) + len(mismatchKeyID) |
| 150 | if found == 0 { |
| 151 | return nil |
Brent Austin | ba3052e | 2015-04-21 16:08:23 -0700 | [diff] [blame] | 152 | } |
Colin Cross | 1f80552 | 2021-05-14 11:10:59 -0700 | [diff] [blame] | 153 | candidates := make([]*Certificate, 0, found) |
| 154 | candidates = append(candidates, matchingKeyID...) |
| 155 | candidates = append(candidates, oneKeyID...) |
| 156 | candidates = append(candidates, mismatchKeyID...) |
Colin Cross | d9c6b80 | 2019-03-19 21:10:31 -0700 | [diff] [blame] | 157 | return candidates |
Brent Austin | ba3052e | 2015-04-21 16:08:23 -0700 | [diff] [blame] | 158 | } |
| 159 | |
Dan Willemsen | ebae302 | 2017-01-13 23:01:08 -0800 | [diff] [blame] | 160 | func (s *CertPool) contains(cert *Certificate) bool { |
| 161 | if s == nil { |
| 162 | return false |
| 163 | } |
Colin Cross | 1f80552 | 2021-05-14 11:10:59 -0700 | [diff] [blame] | 164 | return s.haveSum[sha256.Sum224(cert.Raw)] |
Dan Willemsen | ebae302 | 2017-01-13 23:01:08 -0800 | [diff] [blame] | 165 | } |
| 166 | |
Brent Austin | ba3052e | 2015-04-21 16:08:23 -0700 | [diff] [blame] | 167 | // AddCert adds a certificate to a pool. |
| 168 | func (s *CertPool) AddCert(cert *Certificate) { |
| 169 | if cert == nil { |
| 170 | panic("adding nil Certificate to CertPool") |
| 171 | } |
Colin Cross | 1f80552 | 2021-05-14 11:10:59 -0700 | [diff] [blame] | 172 | s.addCertFunc(sha256.Sum224(cert.Raw), string(cert.RawSubject), func() (*Certificate, error) { |
| 173 | return cert, nil |
| 174 | }) |
| 175 | } |
| 176 | |
| 177 | // addCertFunc adds metadata about a certificate to a pool, along with |
| 178 | // a func to fetch that certificate later when needed. |
| 179 | // |
| 180 | // The rawSubject is Certificate.RawSubject and must be non-empty. |
| 181 | // The getCert func may be called 0 or more times. |
| 182 | func (s *CertPool) addCertFunc(rawSum224 sum224, rawSubject string, getCert func() (*Certificate, error)) { |
| 183 | if getCert == nil { |
| 184 | panic("getCert can't be nil") |
| 185 | } |
Brent Austin | ba3052e | 2015-04-21 16:08:23 -0700 | [diff] [blame] | 186 | |
| 187 | // Check that the certificate isn't being added twice. |
Colin Cross | 1f80552 | 2021-05-14 11:10:59 -0700 | [diff] [blame] | 188 | if s.haveSum[rawSum224] { |
Dan Willemsen | ebae302 | 2017-01-13 23:01:08 -0800 | [diff] [blame] | 189 | return |
Brent Austin | ba3052e | 2015-04-21 16:08:23 -0700 | [diff] [blame] | 190 | } |
| 191 | |
Colin Cross | 1f80552 | 2021-05-14 11:10:59 -0700 | [diff] [blame] | 192 | s.haveSum[rawSum224] = true |
| 193 | s.lazyCerts = append(s.lazyCerts, lazyCert{ |
| 194 | rawSubject: []byte(rawSubject), |
| 195 | getCert: getCert, |
| 196 | }) |
| 197 | s.byName[rawSubject] = append(s.byName[rawSubject], len(s.lazyCerts)-1) |
Brent Austin | ba3052e | 2015-04-21 16:08:23 -0700 | [diff] [blame] | 198 | } |
| 199 | |
| 200 | // AppendCertsFromPEM attempts to parse a series of PEM encoded certificates. |
Dan Willemsen | 09eb3b1 | 2015-09-16 14:34:17 -0700 | [diff] [blame] | 201 | // It appends any certificates found to s and reports whether any certificates |
Brent Austin | ba3052e | 2015-04-21 16:08:23 -0700 | [diff] [blame] | 202 | // were successfully parsed. |
| 203 | // |
| 204 | // On many Linux systems, /etc/ssl/cert.pem will contain the system wide set |
| 205 | // of root CAs in a format suitable for this function. |
| 206 | func (s *CertPool) AppendCertsFromPEM(pemCerts []byte) (ok bool) { |
| 207 | for len(pemCerts) > 0 { |
| 208 | var block *pem.Block |
| 209 | block, pemCerts = pem.Decode(pemCerts) |
| 210 | if block == nil { |
| 211 | break |
| 212 | } |
| 213 | if block.Type != "CERTIFICATE" || len(block.Headers) != 0 { |
| 214 | continue |
| 215 | } |
| 216 | |
Colin Cross | 1f80552 | 2021-05-14 11:10:59 -0700 | [diff] [blame] | 217 | certBytes := block.Bytes |
| 218 | cert, err := ParseCertificate(certBytes) |
Brent Austin | ba3052e | 2015-04-21 16:08:23 -0700 | [diff] [blame] | 219 | if err != nil { |
| 220 | continue |
| 221 | } |
Colin Cross | 1f80552 | 2021-05-14 11:10:59 -0700 | [diff] [blame] | 222 | var lazyCert struct { |
| 223 | sync.Once |
| 224 | v *Certificate |
| 225 | } |
| 226 | s.addCertFunc(sha256.Sum224(cert.Raw), string(cert.RawSubject), func() (*Certificate, error) { |
| 227 | lazyCert.Do(func() { |
| 228 | // This can't fail, as the same bytes already parsed above. |
| 229 | lazyCert.v, _ = ParseCertificate(certBytes) |
| 230 | certBytes = nil |
| 231 | }) |
| 232 | return lazyCert.v, nil |
| 233 | }) |
Brent Austin | ba3052e | 2015-04-21 16:08:23 -0700 | [diff] [blame] | 234 | ok = true |
| 235 | } |
| 236 | |
Colin Cross | 1f80552 | 2021-05-14 11:10:59 -0700 | [diff] [blame] | 237 | return ok |
Brent Austin | ba3052e | 2015-04-21 16:08:23 -0700 | [diff] [blame] | 238 | } |
| 239 | |
| 240 | // Subjects returns a list of the DER-encoded subjects of |
| 241 | // all of the certificates in the pool. |
Dan Willemsen | bc60c3c | 2021-12-15 01:09:00 -0800 | [diff] [blame] | 242 | // |
| 243 | // Deprecated: if s was returned by SystemCertPool, Subjects |
| 244 | // will not include the system roots. |
Dan Willemsen | 38f2dba | 2016-07-08 14:54:35 -0700 | [diff] [blame] | 245 | func (s *CertPool) Subjects() [][]byte { |
Colin Cross | 1f80552 | 2021-05-14 11:10:59 -0700 | [diff] [blame] | 246 | res := make([][]byte, s.len()) |
| 247 | for i, lc := range s.lazyCerts { |
| 248 | res[i] = lc.rawSubject |
Brent Austin | ba3052e | 2015-04-21 16:08:23 -0700 | [diff] [blame] | 249 | } |
Dan Willemsen | 38f2dba | 2016-07-08 14:54:35 -0700 | [diff] [blame] | 250 | return res |
Brent Austin | ba3052e | 2015-04-21 16:08:23 -0700 | [diff] [blame] | 251 | } |