OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_CERT_EV_ROOT_CA_METADATA_H_ | 5 #ifndef NET_CERT_EV_ROOT_CA_METADATA_H_ |
6 #define NET_CERT_EV_ROOT_CA_METADATA_H_ | 6 #define NET_CERT_EV_ROOT_CA_METADATA_H_ |
7 | 7 |
8 #include "build/build_config.h" | 8 #include "build/build_config.h" |
9 | 9 |
10 #if defined(USE_NSS) || defined(OS_IOS) | 10 #if defined(USE_NSS_CERTS) || defined(OS_IOS) |
11 #include <secoidt.h> | 11 #include <secoidt.h> |
12 #endif | 12 #endif |
13 | 13 |
14 #include <map> | 14 #include <map> |
15 #include <set> | 15 #include <set> |
16 #include <string> | 16 #include <string> |
17 #include <vector> | 17 #include <vector> |
18 | 18 |
19 #include "net/base/net_export.h" | 19 #include "net/base/net_export.h" |
20 #include "net/cert/x509_certificate.h" | 20 #include "net/cert/x509_certificate.h" |
21 | 21 |
22 namespace base { | 22 namespace base { |
23 template <typename T> | 23 template <typename T> |
24 struct DefaultLazyInstanceTraits; | 24 struct DefaultLazyInstanceTraits; |
25 } // namespace base | 25 } // namespace base |
26 | 26 |
27 namespace net { | 27 namespace net { |
28 | 28 |
29 // A singleton. This class stores the meta data of the root CAs that issue | 29 // A singleton. This class stores the meta data of the root CAs that issue |
30 // extended-validation (EV) certificates. | 30 // extended-validation (EV) certificates. |
31 class NET_EXPORT_PRIVATE EVRootCAMetadata { | 31 class NET_EXPORT_PRIVATE EVRootCAMetadata { |
32 public: | 32 public: |
33 #if defined(USE_NSS) || defined(OS_IOS) | 33 #if defined(USE_NSS_CERTS) || defined(OS_IOS) |
34 typedef SECOidTag PolicyOID; | 34 typedef SECOidTag PolicyOID; |
35 #elif defined(OS_WIN) | 35 #elif defined(OS_WIN) |
36 typedef const char* PolicyOID; | 36 typedef const char* PolicyOID; |
37 #endif | 37 #endif |
38 | 38 |
39 static EVRootCAMetadata* GetInstance(); | 39 static EVRootCAMetadata* GetInstance(); |
40 | 40 |
41 #if defined(USE_NSS) || defined(OS_WIN) || defined(OS_IOS) | 41 #if defined(USE_NSS_CERTS) || defined(OS_WIN) || defined(OS_IOS) |
42 // Returns true if policy_oid is an EV policy OID of some root CA. | 42 // Returns true if policy_oid is an EV policy OID of some root CA. |
43 bool IsEVPolicyOID(PolicyOID policy_oid) const; | 43 bool IsEVPolicyOID(PolicyOID policy_oid) const; |
44 | 44 |
45 // Returns true if the root CA with the given certificate fingerprint has | 45 // Returns true if the root CA with the given certificate fingerprint has |
46 // the EV policy OID policy_oid. | 46 // the EV policy OID policy_oid. |
47 bool HasEVPolicyOID(const SHA1HashValue& fingerprint, | 47 bool HasEVPolicyOID(const SHA1HashValue& fingerprint, |
48 PolicyOID policy_oid) const; | 48 PolicyOID policy_oid) const; |
49 #endif | 49 #endif |
50 | 50 |
51 // AddEVCA adds an EV CA to the list of known EV CAs with the given policy. | 51 // AddEVCA adds an EV CA to the list of known EV CAs with the given policy. |
52 // |policy| is expressed as a string of dotted numbers. It returns true on | 52 // |policy| is expressed as a string of dotted numbers. It returns true on |
53 // success. | 53 // success. |
54 bool AddEVCA(const SHA1HashValue& fingerprint, const char* policy); | 54 bool AddEVCA(const SHA1HashValue& fingerprint, const char* policy); |
55 | 55 |
56 // RemoveEVCA removes an EV CA that was previously added by AddEVCA. It | 56 // RemoveEVCA removes an EV CA that was previously added by AddEVCA. It |
57 // returns true on success. | 57 // returns true on success. |
58 bool RemoveEVCA(const SHA1HashValue& fingerprint); | 58 bool RemoveEVCA(const SHA1HashValue& fingerprint); |
59 | 59 |
60 private: | 60 private: |
61 friend struct base::DefaultLazyInstanceTraits<EVRootCAMetadata>; | 61 friend struct base::DefaultLazyInstanceTraits<EVRootCAMetadata>; |
62 | 62 |
63 EVRootCAMetadata(); | 63 EVRootCAMetadata(); |
64 ~EVRootCAMetadata(); | 64 ~EVRootCAMetadata(); |
65 | 65 |
66 #if defined(USE_NSS) || defined(OS_IOS) | 66 #if defined(USE_NSS_CERTS) || defined(OS_IOS) |
67 typedef std::map<SHA1HashValue, std::vector<PolicyOID>, | 67 typedef std::map<SHA1HashValue, std::vector<PolicyOID>, |
68 SHA1HashValueLessThan> PolicyOIDMap; | 68 SHA1HashValueLessThan> PolicyOIDMap; |
69 | 69 |
70 // RegisterOID registers |policy|, a policy OID in dotted string form, and | 70 // RegisterOID registers |policy|, a policy OID in dotted string form, and |
71 // writes the memoized form to |*out|. It returns true on success. | 71 // writes the memoized form to |*out|. It returns true on success. |
72 static bool RegisterOID(const char* policy, PolicyOID* out); | 72 static bool RegisterOID(const char* policy, PolicyOID* out); |
73 | 73 |
74 PolicyOIDMap ev_policy_; | 74 PolicyOIDMap ev_policy_; |
75 std::set<PolicyOID> policy_oids_; | 75 std::set<PolicyOID> policy_oids_; |
76 #elif defined(OS_WIN) | 76 #elif defined(OS_WIN) |
77 typedef std::map<SHA1HashValue, std::string, | 77 typedef std::map<SHA1HashValue, std::string, |
78 SHA1HashValueLessThan> ExtraEVCAMap; | 78 SHA1HashValueLessThan> ExtraEVCAMap; |
79 | 79 |
80 // extra_cas_ contains any EV CA metadata that was added at runtime. | 80 // extra_cas_ contains any EV CA metadata that was added at runtime. |
81 ExtraEVCAMap extra_cas_; | 81 ExtraEVCAMap extra_cas_; |
82 #endif | 82 #endif |
83 | 83 |
84 DISALLOW_COPY_AND_ASSIGN(EVRootCAMetadata); | 84 DISALLOW_COPY_AND_ASSIGN(EVRootCAMetadata); |
85 }; | 85 }; |
86 | 86 |
87 } // namespace net | 87 } // namespace net |
88 | 88 |
89 #endif // NET_CERT_EV_ROOT_CA_METADATA_H_ | 89 #endif // NET_CERT_EV_ROOT_CA_METADATA_H_ |
OLD | NEW |