1 /*
2  * Copyright (C) 2010 Apple Inc. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
14  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
15  * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16  * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
17  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
18  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
19  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
21  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
22  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
23  * THE POSSIBILITY OF SUCH DAMAGE.
24  */
25
26 #pragma once
27
28 #include "CertificateInfoBase.h"
29 #include <wtf/RetainPtr.h>
30 #include <wtf/Vector.h>
31 #include <wtf/cf/TypeCastsCF.h>
32 #include <wtf/persistence/PersistentCoders.h>
33 #include <wtf/persistence/PersistentDecoder.h>
34 #include <wtf/persistence/PersistentEncoder.h>
35
36 #if PLATFORM(COCOA)
37 #include <Security/SecCertificate.h>
38 #include <Security/SecTrust.h>
39 #include <wtf/spi/cocoa/SecuritySPI.h>
40
41 WTF_DECLARE_CF_TYPE_TRAIT(SecCertificate);
42 #endif
43
44 namespace WebCore {
45
class CertificateInfo : public CertificateInfoBase {
public:
     CertificateInfo() = default;

    // Which representation this object carries. An instance holds at most one
    // of the two (a SecTrustRef, or a CFArray of SecCertificateRefs); type()
    // reports which one and is defined out of line.
    enum class Type {
        None,
        CertificateChain,
#if HAVE(SEC_TRUST_SERIALIZATION)
        Trust,
#endif
    };

#if HAVE(SEC_TRUST_SERIALIZATION)
    // Takes ownership of the trust object.
    explicit CertificateInfo(RetainPtr<SecTrustRef>&& trust)
        : m_trust(WTFMove(trust))
    {
    }

    // Borrowed pointer: valid only while this object (or another owner of the
    // same SecTrustRef) is alive.
    SecTrustRef trust() const { return m_trust.get(); }
#endif

    // Takes ownership of an existing chain (CFArray of SecCertificateRef).
    // NOTE(review): not explicit, unlike the SecTrustRef constructor above, so
    // an implicit conversion from RetainPtr<CFArrayRef>&& is allowed here.
    CertificateInfo(RetainPtr<CFArrayRef>&& certificateChain)
        : m_certificateChain(WTFMove(certificateChain))
    {
    }

    // Defined out of line. Presumably derives the chain from m_trust when only
    // a trust object is held (m_certificateChain is mutable for that reason) —
    // confirm against the .cpp.
    WEBCORE_EXPORT CFArrayRef certificateChain() const;

    WEBCORE_EXPORT Type type() const;
    // Defined out of line; presumably used to decide whether a chain relies on
    // a SHA-1 signature below the root — confirm against callers.
    WEBCORE_EXPORT bool containsNonRootSHA1SignedCertificate() const;

    // SummaryInfo is not declared in this header; presumably inherited from
    // CertificateInfoBase. Defined out of line.
    std::optional<SummaryInfo> summaryInfo() const;

    bool isEmpty() const { return type() == Type::None; }

#if PLATFORM(COCOA)
    // Builds a certificate chain array from a SecTrustRef (defined out of line).
    static RetainPtr<CFArrayRef> certificateChainFromSecTrust(SecTrustRef);
#endif

#ifndef NDEBUG
#if PLATFORM(COCOA)
    // Debug-only diagnostic dump (defined out of line).
    void dump() const;
#endif
#endif

private:
#if HAVE(SEC_TRUST_SERIALIZATION)
    RetainPtr<SecTrustRef> m_trust;
#endif
    // mutable so a const accessor can populate it lazily; the accessor's
    // definition is not in this header.
    mutable RetainPtr<CFArrayRef> m_certificateChain;
};
97
98 } // namespace WebCore
99
100 namespace WTF {
101 namespace Persistence {
102
static void encodeCFData(Encoder& encoder, CFDataRef data)
{
    // Wire layout: a uint64_t byte count followed by exactly that many raw bytes.
    // `data` must be non-null; the CF getters are not null-safe.
    const uint64_t byteCount = CFDataGetLength(data);
    encoder << byteCount;
    encoder.encodeFixedLengthData(CFDataGetBytePtr(data), static_cast<size_t>(byteCount));
}
111
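static bool decodeCFData(Decoder& decoder, RetainPtr<CFDataRef>& data)
{
    // Inverse of encodeCFData: a uint64_t byte count, then that many bytes.
    // The count comes from the persistent store, which may be stale or
    // corrupt, so it is validated against the remaining buffer before any
    // allocation is sized by it. Previously the raw count went straight into
    // Vector's constructor, so a corrupt count could request a huge allocation
    // before decodeFixedLengthData had a chance to reject it.
    uint64_t size = 0;
    if (!decoder.decode(size))
        return false;

    // On 32-bit targets a uint64_t count may not be representable as size_t.
    if (static_cast<size_t>(size) != size)
        return false;

    if (!decoder.bufferIsLargeEnoughToContain<uint8_t>(static_cast<size_t>(size)))
        return false;

    Vector<uint8_t> bytes(static_cast<size_t>(size));
    if (!decoder.decodeFixedLengthData(bytes.data(), bytes.size()))
        return false;

    data = adoptCF(CFDataCreate(nullptr, bytes.data(), bytes.size()));
    return true;
}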
125
126 #if HAVE(SEC_TRUST_SERIALIZATION)
static void encodeSecTrustRef(Encoder& encoder, SecTrustRef trust)
{
    // Layout: a presence flag, then (only when true) the serialized trust
    // blob via encodeCFData. A serialization failure is not an error here;
    // it is simply recorded as "absent".
    RetainPtr<CFDataRef> serialized = adoptCF(SecTrustSerialize(trust, nullptr));
    const bool hasTrust = !!serialized;

    encoder << hasTrust;
    if (hasTrust)
        encodeCFData(encoder, serialized.get());
}
138
static bool decodeSecTrustRef(Decoder& decoder, RetainPtr<SecTrustRef>& result)
{
    // Mirrors encodeSecTrustRef. Returns true with `result` untouched when the
    // presence flag is false; returns false on any malformed input.
    bool present = false;
    if (!decoder.decode(present))
        return false;
    if (!present)
        return true;

    RetainPtr<CFDataRef> blob;
    if (!decodeCFData(decoder, blob))
        return false;

    // The blob comes from the persistent store; a null result from
    // SecTrustDeserialize is treated as corrupt input, not as "no trust".
    RetainPtr<SecTrustRef> deserialized = adoptCF(SecTrustDeserialize(blob.get(), nullptr));
    if (!deserialized)
        return false;

    result = WTFMove(deserialized);
    return true;
}
159 #endif
160
161 #if PLATFORM(COCOA)
static void encodeCertificateChain(Encoder& encoder, CFArrayRef certificateChain)
{
    // Layout: a uint64_t certificate count, then each certificate's bytes
    // (SecCertificateCopyData) written with encodeCFData, in array order.
    const CFIndex count = CFArrayGetCount(certificateChain);
    encoder << static_cast<uint64_t>(count);

    // Inline capacity of 32 avoids a heap allocation for chains up to that length.
    Vector<CFTypeRef, 32> entries(count);
    CFArrayGetValues(certificateChain, CFRangeMake(0, count), entries.data());

    for (CFTypeRef entry : entries) {
        ASSERT(entry);
        // checked_cf_cast asserts that the element really is a SecCertificateRef.
        auto der = adoptCF(SecCertificateCopyData(checked_cf_cast<SecCertificateRef>(entry)));
        encodeCFData(encoder, der.get());
    }
}
177
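static bool decodeCertificateChain(Decoder& decoder, RetainPtr<CFArrayRef>& certificateChain)
{
    // Inverse of encodeCertificateChain. Every element must parse: a null
    // result from SecCertificateCreateWithData (malformed certificate bytes in
    // the store) is now reported as a decode failure. Previously the null was
    // handed to CFArrayAppendValue, which is not valid for a null value under
    // kCFTypeArrayCallBacks.
    uint64_t count = 0;
    if (!decoder.decode(count))
        return false;

    auto chain = adoptCF(CFArrayCreateMutable(nullptr, 0, &kCFTypeArrayCallBacks));

    // `count` is untrusted. No allocation is sized by it; the loop ends early
    // when decodeCFData runs out of buffer.
    for (uint64_t i = 0; i < count; ++i) {
        RetainPtr<CFDataRef> der;
        if (!decodeCFData(decoder, der))
            return false;

        auto certificate = adoptCF(SecCertificateCreateWithData(nullptr, der.get()));
        if (!certificate)
            return false;
        CFArrayAppendValue(chain.get(), certificate.get());
    }

    certificateChain = WTFMove(chain);
    return true;
}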
198 #endif
199
template<> struct Coder<WebCore::CertificateInfo> {
    // Persistent (on-disk) serialization of a CertificateInfo: the Type tag
    // first, then whatever payload that type implies. The payload helpers are
    // the static functions earlier in this file.
    static void encode(Encoder& encoder, const WebCore::CertificateInfo& certificateInfo)
    {
        encoder.encodeEnum(certificateInfo.type());

        switch (certificateInfo.type()) {
        case WebCore::CertificateInfo::Type::None:
            // Nothing beyond the type tag.
            break;
#if HAVE(SEC_TRUST_SERIALIZATION)
        case WebCore::CertificateInfo::Type::Trust:
            encodeSecTrustRef(encoder, certificateInfo.trust());
            break;
#endif
#if PLATFORM(COCOA)
        // Type::CertificateChain is declared unconditionally, but only Cocoa
        // builds have an encoder for it; other configurations get no case here.
        case WebCore::CertificateInfo::Type::CertificateChain:
            encodeCertificateChain(encoder, certificateInfo.certificateChain());
            break;
#endif
        }
    }

    // Returns false on malformed input. For Type::None (or a tag with no
    // handler in this build) `certificateInfo` is left as the caller passed it
    // and true is returned. Whether decodeEnum rejects out-of-range tags is not
    // visible here — confirm before relying on it.
    static bool decode(Decoder& decoder, WebCore::CertificateInfo& certificateInfo)
    {
        WebCore::CertificateInfo::Type tag;
        if (!decoder.decodeEnum(tag))
            return false;

#if HAVE(SEC_TRUST_SERIALIZATION)
        if (tag == WebCore::CertificateInfo::Type::Trust) {
            RetainPtr<SecTrustRef> trust;
            if (!decodeSecTrustRef(decoder, trust))
                return false;
            certificateInfo = WebCore::CertificateInfo(WTFMove(trust));
            return true;
        }
#endif
#if PLATFORM(COCOA)
        if (tag == WebCore::CertificateInfo::Type::CertificateChain) {
            RetainPtr<CFArrayRef> chain;
            if (!decodeCertificateChain(decoder, chain))
                return false;
            certificateInfo = WebCore::CertificateInfo(WTFMove(chain));
            return true;
        }
#endif
        // Type::None, or a tag this build has no handler for.
        return true;
    }
};
258
259 } // namespace WTF::Persistence
260 } // namespace WTF