Refuse to accept certificate chains containing any RSA public key smaller

net/base/x509_certificate.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/base/x509_certificate.h"
 
 #include <stdlib.h>
 
 #include <algorithm>
 #include <map>
@@ skipping 558 matching lines @@
         !(pattern_begin.empty() && pattern_end.empty()))
       continue;
 
     if (reference_host.starts_with(pattern_begin) &&
         reference_host.ends_with(pattern_end))
       return true;
   }
   return false;
 }
 
+static bool IsWeakKey(X509Certificate::PublicKeyType type, size_t size_bits) {

[Ryan Sleevi, 2011/12/13 05:45:35]

nit: Given that this file makes use of an unnamed namespace, should this be
moved up to around line 227 and de-static'd?

This is something I'm not sure of - the C++ Guide has this to say on the matter,
but it's unclear about "mix and match"

http://google-styleguide.googlecode.com/svn/trunk/cppguide.xml?showone=Nonmem...

"If you must define a nonmember function and it is only needed in its .cc file,
use an unnamed namespace or static linkage (eg static int Foo() {...}) to limit
its scope."

+  return size_bits < 1024 &&
+         (type == X509Certificate::kPublicKeyTypeRSA ||
+          type == X509Certificate::kPublicKeyTypeDSA);
+}
+
 int X509Certificate::Verify(const std::string& hostname,
                             int flags,
                             CRLSet* crl_set,
                             CertVerifyResult* verify_result) const {
   verify_result->Reset();
   verify_result->verified_cert = const_cast<X509Certificate*>(this);
 
   if (IsBlacklisted()) {
     verify_result->cert_status |= CERT_STATUS_REVOKED;
     return ERR_CERT_REVOKED;
   }
 
   int rv = VerifyInternal(hostname, flags, crl_set, verify_result);
 
+  // Check for weak keys in the entire verified chain.
+  size_t size_bits = 0;
+  PublicKeyType type = kPublicKeyTypeUnknown;
+  bool weak_key = false;
+
+  GetPublicKeyInfo(verify_result->verified_cert->os_cert_handle(), &size_bits,
+                   &type);
+  if (IsWeakKey(type, size_bits)) {
+    weak_key = true;
+  } else {
+    const OSCertHandles& intermediates =
+        verify_result->verified_cert->GetIntermediateCertificates();
+    for (OSCertHandles::const_iterator i = intermediates.begin();
+         i != intermediates.end(); ++i) {
+      GetPublicKeyInfo(*i, &size_bits, &type);
+      if (IsWeakKey(type, size_bits))
+        weak_key = true;
+    }
+  }
+
+  if (weak_key) {
+    verify_result->cert_status |= CERT_STATUS_WEAK_KEY;
+    return MapCertStatusToNetError(verify_result->cert_status);
+  }
+
   // This check is done after VerifyInternal so that VerifyInternal can fill in
   // the list of public key hashes.
   if (IsPublicKeyBlacklisted(verify_result->public_key_hashes)) {
     verify_result->cert_status |= CERT_STATUS_REVOKED;
     rv = MapCertStatusToNetError(verify_result->cert_status);
   }
 
   return rv;
 }
 
@@ skipping 195 matching lines @@
 bool X509Certificate::IsSHA1HashInSortedArray(const SHA1Fingerprint& hash,
                                               const uint8* array,
                                               size_t array_byte_len) {
   DCHECK_EQ(0u, array_byte_len % base::kSHA1Length);
   const size_t arraylen = array_byte_len / base::kSHA1Length;
   return NULL != bsearch(hash.data, array, arraylen, base::kSHA1Length,
                          CompareSHA1Hashes);
 }
 
 }  // namespace net