Send crash dumps for odd ERR_CERT_DATE_INVALID cert errors

Safe Browsing Extended Reporting reports show a number of certificate errors from Windows users where the certificate error is ERR_CERT_DATE_INVALID but the certificate chain appears to have perfectly valid dates. To get some diagnostic data from Canary, this CL calls DumpWithoutCrashing() when we observe such a chain. This CL is intended to be reverted after obtaining a few days of data from Canary. BUG=672906 Review-Url: https://codereview.chromium.org/2567643003 Cr-Commit-Position: refs/heads/master@{#437726}

Send crash dumps for odd ERR_CERT_DATE_INVALID cert errors
Safe Browsing Extended Reporting reports show a number of certificate errors from Windows users where the certificate error is ERR_CERT_DATE_INVALID but the certificate chain appears to have perfectly valid dates. To get some diagnostic data from Canary, this CL calls DumpWithoutCrashing() when we observe such a chain. This CL is intended to be reverted after obtaining a few days of data from Canary. BUG=672906 Review-Url: https://codereview.chromium.org/2567643003 Cr-Commit-Position: refs/heads/master@{#437726}
822fd5f5 · estark · Commit bot · d65d4dc1 · 822fd5f5
Commit 822fd5f5 authored Dec 09, 2016 by estark Committed by Commit bot Dec 10, 2016
Hide whitespace changes
Inline Side-by-side

Showing with 56 additions and 0 deletions

net/cert/cert_verify_proc_win.cc net/cert/cert_verify_proc_win.cc +56 -0

No files found.
--- a/net/cert/cert_verify_proc_win.cc
+++ b/net/cert/cert_verify_proc_win.cc
@@ -8,12 +8,16 @@
 #include <string>
 #include <vector>

+#include "base/debug/crash_logging.h"
+#include "base/debug/dump_without_crashing.h"
 #include "base/memory/free_deleter.h"
 #include "base/metrics/histogram_macros.h"
 #include "base/sha1.h"
+#include "base/strings/string_number_conversions.h"
 #include "base/strings/string_util.h"
 #include "base/strings/utf_string_conversions.h"
 #include "base/threading/thread_local.h"
+#include "base/time/time.h"
 #include "crypto/capi_util.h"
 #include "crypto/scoped_capi_types.h"
 #include "crypto/sha2.h"
@@ -895,6 +899,47 @@ class ScopedThreadLocalCRLSet {
  ~ScopedThreadLocalCRLSet() { g_revocation_injector.Get().SetCRLSet(nullptr); }
 };

+// Sends a crash dump (without actually crashing) when the system time
+// falls within the validity period of every certificate in
+// |verified_cert|'s chain. This is to investigate reports of odd
+// certificate errors that report ERR_CERT_DATE_INVALID when the
+// certificate chain's dates appear to be valid.
+//
+// TODO(estark): remove this after obtaining diagnostic data from
+// Canary. https://crbug.com/672906
+void MaybeDumpCertificateDateError(
+    const scoped_refptr<X509Certificate>& verified_cert,
+    DWORD error_status,
+    DWORD info_status) {
+  const base::Time now = base::Time::NowFromSystemTime();
+  // If the leaf certificate is expired or not yet valid, nothing is odd.
+  if (now >= verified_cert->valid_expiry() ||
+      now <= verified_cert->valid_start()) {
+    return;
+  }
+  // Repeat the check for the rest of the certificates in the chain; if
+  // any of them is expired or not yet valid, nothing is odd.
+  X509Certificate::OSCertHandles intermediates =
+      verified_cert->GetIntermediateCertificates();
+  for (const auto& intermediate : intermediates) {
+    base::Time valid_start =
+        base::Time::FromFileTime(intermediate->pCertInfo->NotBefore);
+    base::Time valid_expiry =
+        base::Time::FromFileTime(intermediate->pCertInfo->NotAfter);
+    if (now >= valid_expiry || now <= valid_start)
+      return;
+  }
+  // None of the certificates in the chain appear to be expired or
+  // not-yet-valid, so send a crash dump for diagnostics.
+  base::debug::ScopedCrashKey error_status_crash_key(
+      "cert_verify_proc_win_date_error_error_status",
+      base::IntToString(error_status));
+  base::debug::ScopedCrashKey info_status_crash_key(
+      "cert_verify_proc_win_date_error_info_status",
+      base::IntToString(info_status));
+  base::debug::DumpWithoutCrashing();
+}
+
 }  // namespace

 CertVerifyProcWin::CertVerifyProcWin() {}
@@ -1170,6 +1215,17 @@ int CertVerifyProcWin::VerifyInternal(
  verify_result->cert_status |= MapCertChainErrorStatusToCertStatus(
      chain_context->TrustStatus.dwErrorStatus);

+  // Send some diagnostic data in the event of certificate date errors
+  // that occur on chains with validity periods that are valid according
+  // to the system clock.
+  // TODO(estark): remove this after obtaining diagnostic data from
+  // Canary. https://crbug.com/672906
+  if (verify_result->cert_status & CERT_STATUS_DATE_INVALID) {
+    MaybeDumpCertificateDateError(verify_result->verified_cert,
+                                  chain_context->TrustStatus.dwErrorStatus,
+                                  chain_context->TrustStatus.dwInfoStatus);
+  }
+
  // Flag certificates that have a Subject common name with a NULL character.
  if (CertSubjectCommonNameHasNull(cert_handle))
    verify_result->cert_status |= CERT_STATUS_INVALID;