Changeset 248268 in webkit


Timestamp:
Aug 5, 2019 12:34:23 AM (5 years ago)
Author:
commit-queue@webkit.org
Message:

[Curl] implement CertificateInfo::summaryInfo
https://bugs.webkit.org/show_bug.cgi?id=191498

Patch by Takashi Komori <Takashi.Komori@sony.com> on 2019-08-05
Reviewed by Alex Christensen.

Source/WebCore:

Implement CertificateInfo::SummaryInfo.
This patch makes WebInspector show a summary of certificates.

Tests: http/tests/inspector/network/resource-security-certificate.html
       http/tests/inspector/network/getSerializedCertificate.html

  • platform/Curl.cmake:
  • platform/network/curl/CertificateInfo.h:

(WTF::Persistence::Coder<WebCore::CertificateInfo>::encode):
(WTF::Persistence::Coder<WebCore::CertificateInfo>::decode):
(WebCore::CertificateInfo::summaryInfo const): Deleted.

  • platform/network/curl/CertificateInfoCurl.cpp:

(WebCore::CertificateInfo::summaryInfo const):

  • platform/network/curl/CurlSSLVerifier.cpp:

(WebCore::CurlSSLVerifier::collectInfo):
(WebCore::CurlSSLVerifier::verifyCallback):
(WebCore::StackOfX509::StackOfX509): Deleted.
(WebCore::StackOfX509::~StackOfX509): Deleted.
(WebCore::StackOfX509::count): Deleted.
(WebCore::StackOfX509::item): Deleted.
(): Deleted.
(WebCore::BIOHolder::BIOHolder): Deleted.
(WebCore::BIOHolder::~BIOHolder): Deleted.
(WebCore::BIOHolder::write): Deleted.
(WebCore::BIOHolder::asCertificate): Deleted.
(WebCore::pemDataFromCtx): Deleted.

  • platform/network/curl/CurlSSLVerifier.h:
  • platform/network/curl/OpenSSLHelper.cpp: Added.

(OpenSSL::deleter<X509>::operator()):
(OpenSSL::StackOfGeneralName::StackOfGeneralName):
(OpenSSL::StackOfGeneralName::~StackOfGeneralName):
(OpenSSL::StackOfGeneralName::operator bool):
(OpenSSL::StackOfGeneralName::count):
(OpenSSL::StackOfGeneralName::item):
(OpenSSL::StackOfX509::StackOfX509):
(OpenSSL::StackOfX509::~StackOfX509):
(OpenSSL::StackOfX509::count):
(OpenSSL::StackOfX509::item):
(OpenSSL::BIO::BIO):
(OpenSSL::BIO::~BIO):
(OpenSSL::BIO::getDataAsVector const):
(OpenSSL::BIO::getDataAsString const):
(OpenSSL::BIO::readX509):
(OpenSSL::BIO::get):
(OpenSSL::pemDataFromCtx):
(OpenSSL::createCertificateInfo):
(OpenSSL::toString):
(OpenSSL::getCommonName):
(OpenSSL::getSubjectName):
(OpenSSL::convertASN1TimeToSeconds):
(OpenSSL::getSubjectAltName):
(OpenSSL::createSummaryInfo):

  • platform/network/curl/OpenSSLHelper.h: Copied from Source/WebCore/platform/network/curl/CertificateInfoCurl.cpp.

Source/WTF:

Fixed function template for encoding vector.

  • wtf/persistence/PersistentCoders.h:

LayoutTests:

  • platform/wincairo-wk1/TestExpectations:
  • platform/wincairo/TestExpectations:
Location:
trunk
Files:
1 added
11 edited
1 copied

  • trunk/LayoutTests/ChangeLog

    r248267 r248268  
     12019-08-05  Takashi Komori  <Takashi.Komori@sony.com>
     2
     3        [Curl] implement CertificateInfo::summaryInfo
     4        https://bugs.webkit.org/show_bug.cgi?id=191498
     5
     6        Reviewed by Alex Christensen.
     7
     8        * platform/wincairo-wk1/TestExpectations:
     9        * platform/wincairo/TestExpectations:
     10
    1112019-08-04  Youenn Fablet  <youenn@apple.com>
    212
  • trunk/LayoutTests/platform/wincairo-wk1/TestExpectations

    r247556 r248268  
    332332resize-observer/modify-frametree-in-callback.html [ Skip ]
    333333resize-observer/multi-frames.html [ Skip ]
     334
     335# WinCairo wk1 doesn't support inspector tests.
     336webkit.org/b/191498 http/tests/inspector/network/resource-security-certificate.html [ Skip ]
     337webkit.org/b/191498 http/tests/inspector/network/getSerializedCertificate.html [ Skip ]
  • trunk/LayoutTests/platform/wincairo/TestExpectations

    r247556 r248268  
    10191019
    10201020webkit.org/b/192406 http/tests/inspector/network/resource-security-connection.html [ Skip ]
    1021 webkit.org/b/191498 http/tests/inspector/network/resource-security-certificate.html [ Skip ]
    1022 webkit.org/b/191498 http/tests/inspector/network/getSerializedCertificate.html [ Skip ]
     1021webkit.org/b/191498 http/tests/inspector/network/resource-security-certificate.html [ Pass ]
     1022webkit.org/b/191498 http/tests/inspector/network/getSerializedCertificate.html [ Pass ]
    10231023
    10241024#///////////////////////////////////////////////////////////////////////////////
  • trunk/Source/WTF/ChangeLog

    r248192 r248268  
     12019-08-05  Takashi Komori  <Takashi.Komori@sony.com>
     2
     3        [Curl] implement CertificateInfo::summaryInfo
     4        https://bugs.webkit.org/show_bug.cgi?id=191498
     5
     6        Reviewed by Alex Christensen.
     7
     8        Fixed function template for encoding vector.
     9
     10        * wtf/persistence/PersistentCoders.h:
     11
    1122019-08-02  Mark Lam  <mark.lam@apple.com>
    213
  • trunk/Source/WTF/wtf/persistence/PersistentCoders.h

    r248044 r248268  
    151151    {
    152152        encoder << static_cast<uint64_t>(vector.size());
    153         encoder.encodeFixedLengthData(reinterpret_cast<const uint8_t*>(vector.data()), vector.size() * sizeof(T), alignof(T));
     153        encoder.encodeFixedLengthData(reinterpret_cast<const uint8_t*>(vector.data()), vector.size() * sizeof(T));
    154154    }
    155155   
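Review bot: the ChangeLog line "Fixed function template for encoding vector." does not say what was wrong with the three-argument call at line 153 that passed alignof(T). Please state the reason there, and confirm that the matching decode path reads exactly vector.size() * sizeof(T) bytes with no alignment padding, since data written by one form of the call has to be readable after the change.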
  • trunk/Source/WebCore/ChangeLog

    r248267 r248268  
     12019-08-05  Takashi Komori  <Takashi.Komori@sony.com>
     2
     3        [Curl] implement CertificateInfo::summaryInfo
     4        https://bugs.webkit.org/show_bug.cgi?id=191498
     5
     6        Reviewed by Alex Christensen.
     7
     8        Implement CertificaeInfo::SummaryInfo.
     9        This patch makes WebInspector show summary of certificates.
     10
     11        Tests: http/tests/inspector/network/resource-security-certificate.html
     12               http/tests/inspector/network/getSerializedCertificate.html
     13
     14        * platform/Curl.cmake:
     15        * platform/network/curl/CertificateInfo.h:
     16        (WTF::Persistence::Coder<WebCore::CertificateInfo>::encode):
     17        (WTF::Persistence::Coder<WebCore::CertificateInfo>::decode):
     18        (WebCore::CertificateInfo::summaryInfo const): Deleted.
     19        * platform/network/curl/CertificateInfoCurl.cpp:
     20        (WebCore::CertificateInfo::summaryInfo const):
     21        * platform/network/curl/CurlSSLVerifier.cpp:
     22        (WebCore::CurlSSLVerifier::collectInfo):
     23        (WebCore::CurlSSLVerifier::verifyCallback):
     24        (WebCore::StackOfX509::StackOfX509): Deleted.
     25        (WebCore::StackOfX509::~StackOfX509): Deleted.
     26        (WebCore::StackOfX509::count): Deleted.
     27        (WebCore::StackOfX509::item): Deleted.
     28        (): Deleted.
     29        (WebCore::BIOHolder::BIOHolder): Deleted.
     30        (WebCore::BIOHolder::~BIOHolder): Deleted.
     31        (WebCore::BIOHolder::write): Deleted.
     32        (WebCore::BIOHolder::asCertificate): Deleted.
     33        (WebCore::pemDataFromCtx): Deleted.
     34        * platform/network/curl/CurlSSLVerifier.h:
     35        * platform/network/curl/OpenSSLHelper.cpp: Added.
     36        (OpenSSL::deleter<X509>::operator()):
     37        (OpenSSL::StackOfGeneralName::StackOfGeneralName):
     38        (OpenSSL::StackOfGeneralName::~StackOfGeneralName):
     39        (OpenSSL::StackOfGeneralName::operator bool):
     40        (OpenSSL::StackOfGeneralName::count):
     41        (OpenSSL::StackOfGeneralName::item):
     42        (OpenSSL::StackOfX509::StackOfX509):
     43        (OpenSSL::StackOfX509::~StackOfX509):
     44        (OpenSSL::StackOfX509::count):
     45        (OpenSSL::StackOfX509::item):
     46        (OpenSSL::BIO::BIO):
     47        (OpenSSL::BIO::~BIO):
     48        (OpenSSL::BIO::getDataAsVector const):
     49        (OpenSSL::BIO::getDataAsString const):
     50        (OpenSSL::BIO::readX509):
     51        (OpenSSL::BIO::get):
     52        (OpenSSL::pemDataFromCtx):
     53        (OpenSSL::createCertificateInfo):
     54        (OpenSSL::toString):
     55        (OpenSSL::getCommonName):
     56        (OpenSSL::getSubjectName):
     57        (OpenSSL::convertASN1TimeToSeconds):
     58        (OpenSSL::getSubjectAltName):
     59        (OpenSSL::createSummaryInfo):
     60        * platform/network/curl/OpenSSLHelper.h: Copied from Source/WebCore/platform/network/curl/CertificateInfoCurl.cpp.
     61
    1622019-08-04  Youenn Fablet  <youenn@apple.com>
    263
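Review bot: line 8 of the new entry misspells the class and capitalizes the method ("CertificaeInfo::SummaryInfo"), while the title on line 3 and the function list use CertificateInfo::summaryInfo. Line 28, "(): Deleted.", is an empty function name left over from the generated list and should be removed or filled in.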
  • trunk/Source/WebCore/platform/Curl.cmake

    r244443 r248268  
    2525    platform/network/curl/DNSResolveQueueCurl.cpp
    2626    platform/network/curl/NetworkStorageSessionCurl.cpp
     27    platform/network/curl/OpenSSLHelper.cpp
    2728    platform/network/curl/ProtectionSpaceCurl.cpp
    2829    platform/network/curl/ProxyServerCurl.cpp
     
    5253    platform/network/curl/CurlRequest.h
    5354    platform/network/curl/CurlRequestClient.h
     55    platform/network/curl/CurlRequestScheduler.h
    5456    platform/network/curl/CurlRequestSchedulerClient.h
    5557    platform/network/curl/CurlResourceHandleDelegate.h
    5658    platform/network/curl/CurlResponse.h
    5759    platform/network/curl/CurlSSLHandle.h
     60    platform/network/curl/CurlSSLVerifier.h
     61    platform/network/curl/DNSResolveQueueCurl.h
    5862    platform/network/curl/DownloadBundle.h
     63    platform/network/curl/OpenSSLHelper.h
    5964    platform/network/curl/ProtectionSpaceCurl.h
    6065    platform/network/curl/ResourceError.h
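Review bot: besides OpenSSLHelper.h, the second hunk also adds CurlRequestScheduler.h, CurlSSLVerifier.h and DNSResolveQueueCurl.h to the header list, and the ChangeLog entry for platform/Curl.cmake gives no reason. Add a line to the ChangeLog saying which of these this change needs (CurlSSLVerifier.h now includes OpenSSLHelper.h, for instance), or move the unrelated ones to their own patch.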
  • trunk/Source/WebCore/platform/network/curl/CertificateInfo.h

    r239427 r248268  
    5050    bool containsNonRootSHA1SignedCertificate() const { notImplemented(); return false; }
    5151
    52     Optional<SummaryInfo> summaryInfo() const { notImplemented(); return WTF::nullopt; }
     52    Optional<SummaryInfo> summaryInfo() const;
    5353
    5454    bool isEmpty() const { return m_certificateChain.isEmpty(); }
     
    7272
    7373template<> struct Coder<WebCore::CertificateInfo> {
    74     static void encode(Encoder&, const WebCore::CertificateInfo&)
     74    static void encode(Encoder& encoder, const WebCore::CertificateInfo& certificateInfo)
    7575    {
    76         notImplemented();
     76        auto& certificateChain = certificateInfo.certificateChain();
     77
     78        encoder << certificateInfo.verificationError();
     79        encoder << certificateChain.size();
     80        for (auto& certificate : certificateChain)
     81            encoder << certificate;
    7782    }
    7883
    79     static bool decode(Decoder&, WebCore::CertificateInfo&)
     84    static bool decode(Decoder& decoder, WebCore::CertificateInfo& certificateInfo)
    8085    {
    81         notImplemented();
    82         return false;
     86        int verificationError;
     87        if (!decoder.decode(verificationError))
     88            return false;
     89
     90        size_t numOfCert = 0;
     91        if (!decoder.decode(numOfCert))
     92            return false;
     93
     94        WebCore::CertificateInfo::CertificateChain certificateChain;
     95        for (size_t i = 0; i < numOfCert; i++) {
     96            WebCore::CertificateInfo::Certificate certificate;
     97            if (!decoder.decode(certificate))
     98                return false;
     99
     100            certificateChain.append(WTFMove(certificate));
     101        }
     102
     103        certificateInfo = WebCore::CertificateInfo(verificationError, WTFMove(certificateChain));
     104        return true;
    83105    }
    84106};
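Review bot: decode() at lines 90-101 reads numOfCert as a size_t straight from the decoder and uses it as the loop bound, and encode() at line 79 writes certificateChain.size() in its native width. The vector coder in PersistentCoders.h casts before writing (`encoder << static_cast<uint64_t>(vector.size());`); doing the same here, and decoding into a uint64_t, keeps the persisted format identical across builds with different size_t widths. The loop does stop at the first failed decoder.decode(certificate), which is what bounds an oversized count, so a short comment saying so would help. The removed pemDataFromCtx rejected an empty certificate; decode() could do the same, since summaryInfo() later parses element 0 of this chain.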
  • trunk/Source/WebCore/platform/network/curl/CertificateInfoCurl.cpp

    r238387 r248268  
    11/*
    2  * Copyright (C) 2018 Sony Interactive Entertainment Inc.
     2 * Copyright (C) 2019 Sony Interactive Entertainment Inc.
    33 *
    44 * Redistribution and use in source and binary forms, with or without
     
    2727#include "CertificateInfo.h"
    2828
     29#include "OpenSSLHelper.h"
    2930#include <wtf/CrossThreadCopier.h>
    3031
     
    5152}
    5253
     54Optional<CertificateInfo::SummaryInfo> CertificateInfo::summaryInfo() const
     55{
     56    if (!m_certificateChain.size())
     57        return WTF::nullopt;
     58
     59    return OpenSSL::createSummaryInfo(m_certificateChain.at(0));
     60}
     61
    5362}
    5463
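Review bot: summaryInfo() at lines 56-59 builds the summary from m_certificateChain.at(0) alone and never looks at m_verificationError, so a summary is also returned for a chain that failed verification. If that is what the inspector wants, say so in a comment, together with the assumption that index 0 is the leaf certificate. Style: `if (m_certificateChain.isEmpty())` matches isEmpty() in CertificateInfo.h and reads better than `!m_certificateChain.size()`.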
  • trunk/Source/WebCore/platform/network/curl/CurlSSLVerifier.cpp

    r242842 r248268  
    3131#include "CurlContext.h"
    3232#include "CurlSSLHandle.h"
    33 #include <openssl/ssl.h>
    3433
    3534namespace WebCore {
    3635
    37 static Vector<CertificateInfo::Certificate> pemDataFromCtx(X509StoreCTX*);
    3836static CurlSSLVerifier::SSLCertificateFlags convertToSSLCertificateFlags(unsigned);
    3937
     
    6260}
    6361
    64 void CurlSSLVerifier::collectInfo(X509StoreCTX* ctx)
     62void CurlSSLVerifier::collectInfo(X509_STORE_CTX* ctx)
    6563{
    66     m_certificateInfo = CertificateInfo { X509_STORE_CTX_get_error(ctx), pemDataFromCtx(ctx) };
     64    if (auto certificateInfo = OpenSSL::createCertificateInfo(ctx))
     65        m_certificateInfo = WTFMove(*certificateInfo);
    6766
    6867    if (auto error = m_certificateInfo.verificationError())
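Review bot: in collectInfo, when OpenSSL::createCertificateInfo(ctx) returns nullopt, m_certificateInfo keeps whatever it held before, so the verificationError() check on line 67 reads a stale or default value and the result of X509_STORE_CTX_get_error(ctx) is lost. The removed line 66 always recorded that error, even when the chain could not be serialized. Suggest an else branch that stores at least the error, for example `m_certificateInfo = CertificateInfo { X509_STORE_CTX_get_error(ctx), { } };`, so a failed PEM export cannot mask a failed verification.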
     
    7069}
    7170
    72 int CurlSSLVerifier::verifyCallback(int preverified, X509StoreCTX* ctx)
     71int CurlSSLVerifier::verifyCallback(int preverified, X509_STORE_CTX* ctx)
    7372{
    7473    auto ssl = static_cast<SSL*>(X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx()));
     
    7978    // whether the verification of the certificate in question was passed (preverified=1) or not (preverified=0)
    8079    return preverified;
    81 }
    82 
    83 class StackOfX509 {
    84 public:
    85     explicit StackOfX509(X509StoreCTX* ctx)
    86         : m_certs { X509_STORE_CTX_get1_chain(ctx) }
    87     {
    88     }
    89 
    90     ~StackOfX509()
    91     {
    92         if (m_certs)
    93             sk_X509_pop_free(m_certs, X509_free);
    94     }
    95 
    96     unsigned count() { return sk_X509_num(m_certs); }
    97     X509* item(unsigned i) { return sk_X509_value(m_certs, i); }
    98 
    99 private:
    100     STACK_OF(X509)* m_certs { nullptr };
    101 };
    102 
    103 class BIOHolder {
    104 public:
    105     BIOHolder()
    106         : m_bio { BIO_new(BIO_s_mem()) }
    107     {
    108     }
    109 
    110     ~BIOHolder()
    111     {
    112         if (m_bio)
    113             BIO_free(m_bio);
    114     }
    115 
    116     bool write(X509* data) { return PEM_write_bio_X509(m_bio, data); }
    117     CertificateInfo::Certificate asCertificate()
    118     {
    119         uint8_t* data;
    120         long length = BIO_get_mem_data(m_bio, &data);
    121         if (length < 0)
    122             return CertificateInfo::Certificate();
    123 
    124         auto cert = CertificateInfo::makeCertificate(data, length);
    125         return cert;
    126     }
    127 
    128 private:
    129     BIO* m_bio { nullptr };
    130 };
    131 
    132 static Vector<CertificateInfo::Certificate> pemDataFromCtx(X509StoreCTX* ctx)
    133 {
    134     Vector<CertificateInfo::Certificate> result;
    135     StackOfX509 certs { ctx };
    136     for (int i = 0; i < certs.count(); i++) {
    137         BIOHolder bio;
    138 
    139         if (!bio.write(certs.item(i)))
    140             return Vector<CertificateInfo::Certificate> { };
    141 
    142         auto certificate = bio.asCertificate();
    143         if (certificate.isEmpty())
    144             return Vector<CertificateInfo::Certificate> { };
    145 
    146         result.append(WTFMove(certificate));
    147     }
    148 
    149     return result;
    15080}
    15181
  • trunk/Source/WebCore/platform/network/curl/CurlSSLVerifier.h

    r242842 r248268  
    2828
    2929#include "CertificateInfo.h"
     30#include "OpenSSLHelper.h"
    3031#include <wtf/Noncopyable.h>
    3132#include <wtf/text/WTFString.h>
    3233
    33 struct x509_store_ctx_st;
    34 typedef struct x509_store_ctx_st X509StoreCTX;
    35 
    3634namespace WebCore {
    37 
    38 class CurlHandle;
    3935
    4036class CurlSSLVerifier {
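Review bot: the header replaces the forward declaration of x509_store_ctx_st with `#include "OpenSSLHelper.h"` at line 30, and that header includes <openssl/ssl.h>, so every file that includes CurlSSLVerifier.h now pulls in the OpenSSL headers. The declarations shown here only use X509_STORE_CTX*, so a forward declaration (`typedef struct x509_store_ctx_st X509_STORE_CTX;`) would keep the header light. OpenSSLHelper.h and <openssl/ssl.h> can then be included directly from CurlSSLVerifier.cpp, which still calls SSL_get_ex_data_X509_STORE_CTX_idx() but lost its own <openssl/ssl.h> include in this patch.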
     
    5753
    5854private:
    59     static int verifyCallback(int, X509StoreCTX*);
     55    static int verifyCallback(int, X509_STORE_CTX*);
     56    void collectInfo(X509_STORE_CTX*);
    6057
    6158    int m_sslErrors { 0 };
    6259    CertificateInfo m_certificateInfo;
    63 
    64     void collectInfo(X509StoreCTX*);
    6560};
    6661
  • trunk/Source/WebCore/platform/network/curl/OpenSSLHelper.h

    r248267 r248268  
    11/*
    2  * Copyright (C) 2018 Sony Interactive Entertainment Inc.
     2 * Copyright (C) 2019 Sony Interactive Entertainment Inc.
    33 *
    44 * Redistribution and use in source and binary forms, with or without
     
    2424 */
    2525
    26 #include "config.h"
     26#pragma once
     27
    2728#include "CertificateInfo.h"
     29#include <openssl/ssl.h>
     30#include <wtf/Optional.h>
     31#include <wtf/Vector.h>
    2832
    29 #include <wtf/CrossThreadCopier.h>
     33namespace OpenSSL {
    3034
    31 #if USE(CURL)
     35Optional<WebCore::CertificateInfo> createCertificateInfo(X509_STORE_CTX*);
     36Optional<WebCore::CertificateInfo::SummaryInfo> createSummaryInfo(const Vector<uint8_t>& pem);
    3237
    33 namespace WebCore {
    34 
    35 CertificateInfo::CertificateInfo(int verificationError, CertificateChain&& certificateChain)
    36     : m_verificationError(verificationError)
    37     , m_certificateChain(WTFMove(certificateChain))
    38 {
    39 }
    40 
    41 CertificateInfo CertificateInfo::isolatedCopy() const
    42 {
    43     return { m_verificationError, crossThreadCopy(m_certificateChain) };
    44 }
    45 
    46 CertificateInfo::Certificate CertificateInfo::makeCertificate(const uint8_t* buffer, size_t size)
    47 {
    48     Certificate certificate;
    49     certificate.append(buffer, size);
    50     return certificate;
    51 }
    52 
    53 }
    54 
    55 #endif
     38} // namespace OpenSSL
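Review bot: the two declarations at lines 35-36 have no comment saying when they return nullopt, and callers such as CurlSSLVerifier::collectInfo depend on that. Please document the failure cases for createCertificateInfo and createSummaryInfo. The parameter of createSummaryInfo is spelled `const Vector<uint8_t>& pem` while the caller passes an element of the certificate chain; declaring it as `const WebCore::CertificateInfo::Certificate&` would tie the signature to the type alias rather than to its current definition.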