Don't treat trust anchors as certificates during path building.

components/cast_certificate/cast_crl.cc

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/cast_certificate/cast_crl.h"
 
 #include <unordered_map>
 #include <unordered_set>
 
 #include "base/base64.h"
@@ skipping 44 matching lines @@
                                                   CastCRLTrustStore>>::get();
   }
 
   static net::TrustStore& Get() { return GetInstance()->store_; }
 
  private:
   friend struct base::DefaultSingletonTraits<CastCRLTrustStore>;
 
   CastCRLTrustStore() {
     // Initialize the trust store with the root certificate.
-    scoped_refptr<net::ParsedCertificate> root =
+    scoped_refptr<net::ParsedCertificate> cert =
         net::ParsedCertificate::CreateFromCertificateData(
             kCastCRLRootCaDer, sizeof(kCastCRLRootCaDer),
             net::ParsedCertificate::DataSource::EXTERNAL_REFERENCE, {});
-    CHECK(root);
-    store_.AddTrustedCertificate(std::move(root));
+    CHECK(cert);
+    // TODO(crbug.com/635200): Support anchor constraints, and initialize the
+    // anchor using constraints from the self-signed certificate.
+    scoped_refptr<net::TrustAnchor> anchor =
+        net::TrustAnchor::CreateFromCertificateNoConstraints(std::move(cert));
+    CHECK(anchor);
+    store_.AddTrustAnchor(std::move(anchor));
   }
 
   net::TrustStore store_;
   DISALLOW_COPY_AND_ASSIGN(CastCRLTrustStore);
 };
 
 // Converts a uint64_t unix timestamp to net::der::GeneralizedTime.
 bool ConvertTimeSeconds(uint64_t seconds,
                         net::der::GeneralizedTime* generalized_time) {
   base::Time unix_timestamp =
@@ skipping 78 matching lines @@
   if (!ConvertTimeSeconds(tbs_crl.not_after_seconds(), &not_after)) {
     VLOG(2) << "CRL - Unable to parse not_after.";
     return false;
   }
   if ((verification_time < not_before) || (verification_time > not_after)) {
     VLOG(2) << "CRL - Not time-valid.";
     return false;
   }
 
   // Set CRL expiry to the earliest of the cert chain expiry and CRL expiry.
+  // Note that the trust anchor is not part of this loop.
+  // "expiration" of the trust anchor is handled instead by its
+  // presence in the trust store.
   *overall_not_after = not_after;
-  for (const auto& cert : result.paths[result.best_result_index]->path) {
+  for (const auto& cert : result.paths[result.best_result_index]->path.certs) {
     net::der::GeneralizedTime cert_not_after = cert->tbs().validity_not_after;
     if (cert_not_after < *overall_not_after)
       *overall_not_after = cert_not_after;
   }
 
   // Perform sanity check on serial numbers.
   for (const auto& range : tbs_crl.revoked_serial_number_ranges()) {
     uint64_t first_serial_number = range.first_serial_number();
     uint64_t last_serial_number = range.last_serial_number();
     if (last_serial_number < first_serial_number) {
       VLOG(2) << "CRL - Malformed serial number range.";
       return false;
     }
   }
   return true;
 }
 
 class CastCRLImpl : public CastCRL {
  public:
   CastCRLImpl(const TbsCrl& tbs_crl,
               const net::der::GeneralizedTime& overall_not_after);
   ~CastCRLImpl() override;
 
-  bool CheckRevocation(const net::ParsedCertificateList& trusted_chain,
+  bool CheckRevocation(const net::CertPath& trusted_chain,
                        const base::Time& time) const override;
 
  private:
   struct SerialNumberRange {
     uint64_t first_serial;
     uint64_t last_serial;
   };
 
   net::der::GeneralizedTime not_before_;
   net::der::GeneralizedTime not_after_;
@@ skipping 33 matching lines @@
     uint64_t last_serial_number = range.last_serial_number();
     auto& serial_number_range = revoked_serial_numbers_[issuer_hash];
     serial_number_range.push_back({first_serial_number, last_serial_number});
   }
 }
 
 CastCRLImpl::~CastCRLImpl() {}
 
 // Verifies the revocation status of the certificate chain, at the specified
 // time.
-bool CastCRLImpl::CheckRevocation(
-    const net::ParsedCertificateList& trusted_chain,
-    const base::Time& time) const {
-  if (trusted_chain.empty())
+bool CastCRLImpl::CheckRevocation(const net::CertPath& trusted_chain,
+                                  const base::Time& time) const {
+  if (trusted_chain.IsEmpty())
     return false;
 
+  DCHECK(trusted_chain.trust_anchor);
+
   // Check the validity of the CRL at the specified time.
   net::der::GeneralizedTime verification_time;
   if (!net::der::EncodeTimeAsGeneralizedTime(time, &verification_time)) {
     VLOG(2) << "CRL verification time malformed.";
     return false;
   }
   if ((verification_time < not_before_) || (verification_time > not_after_)) {
     VLOG(2) << "CRL not time-valid. Perform hard fail.";
     return false;
   }
 
-  // Check revocation.
-  for (size_t i = 0; i < trusted_chain.size(); ++i) {
-    const auto& parsed_cert = trusted_chain[i];
+  // Check revocation. Note that this loop has "+ 1" in order to also loop
+  // over the trust anchor (which is treated specially).
+  for (size_t i = 0; i < trusted_chain.certs.size() + 1; ++i) {
+    // This loop iterates over both certificates AND then the trust
+    // anchor after exhausing the certs.
+    net::der::Input spki_tlv;
+    if (i == trusted_chain.certs.size()) {
+      spki_tlv = trusted_chain.trust_anchor->spki();
+    } else {
+      spki_tlv = trusted_chain.certs[i]->tbs().spki_tlv;
+    }
+
     // Calculate the public key's hash to check for revocation.
-    std::string spki_hash =
-        crypto::SHA256HashString(parsed_cert->tbs().spki_tlv.AsString());
+    std::string spki_hash = crypto::SHA256HashString(spki_tlv.AsString());
     if (revoked_hashes_.find(spki_hash) != revoked_hashes_.end()) {
       VLOG(2) << "Public key is revoked.";
       return false;
     }
 
     // Check if the subordinate certificate was revoked by serial number.
     if (i > 0) {
       auto issuer_iter = revoked_serial_numbers_.find(spki_hash);
       if (issuer_iter != revoked_serial_numbers_.end()) {
-        const auto& subordinate = trusted_chain[i - 1];
+        const auto& subordinate = trusted_chain.certs[i - 1];
         uint64_t serial_number;
         // Only Google generated device certificates will be revoked by range.
         // These will always be less than 64 bits in length.
         if (!net::der::ParseUint64(subordinate->tbs().serial_number,
                                    &serial_number)) {
           continue;
         }
         for (const auto& revoked_serial : issuer_iter->second) {
           if (revoked_serial.first_serial <= serial_number &&
               revoked_serial.last_serial >= serial_number) {
@@ skipping 45 matching lines @@
 }
 
 std::unique_ptr<CastCRL> ParseAndVerifyCRLForTest(
     const std::string& crl_proto,
     const base::Time& time,
     net::TrustStore* trust_store) {
   return ParseAndVerifyCRL(crl_proto, time, trust_store);
 }
 
 }  // namespace cast_certificate