Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(321)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/x509_util_ios.h

Issue 10983023: Port certificate verification to iOS. (Closed) Base URL: http://git.chromium.org/chromium/src.git@master
Patch Set: . Created 8 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/base/net_test_suite.cc ('k') | net/base/x509_util_ios.cc » ('j') | net/base/x509_util_ios.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // This file contains functions for iOS to glue NSS and Security.framework 5 // This file contains functions for iOS to glue NSS and Security.framework
6 // together. 6 // together.
7 7
8 #ifndef NET_BASE_X509_UTIL_IOS_H_ 8 #ifndef NET_BASE_X509_UTIL_IOS_H_
9 #define NET_BASE_X509_UTIL_IOS_H_ 9 #define NET_BASE_X509_UTIL_IOS_H_
10 10
11 #include <Security/Security.h> 11 #include <Security/Security.h>
12 #include <vector>
13
14 #include "net/base/x509_cert_types.h"
12 15
13 // Forward declaration; real one in <cert.h> 16 // Forward declaration; real one in <cert.h>
14 typedef struct CERTCertificateStr CERTCertificate; 17 typedef struct CERTCertificateStr CERTCertificate;
15 18
16 namespace net { 19 namespace net {
20
21 class X509Certificate;
22
17 namespace x509_util_ios { 23 namespace x509_util_ios {
18 24
19 // Converts a Security.framework certificate handle (SecCertificateRef) into 25 // Converts a Security.framework certificate handle (SecCertificateRef) into
20 // an NSS certificate handle (CERTCertificate*). 26 // an NSS certificate handle (CERTCertificate*).
21 CERTCertificate* CreateNSSCertHandleFromOSHandle(SecCertificateRef cert_handle); 27 CERTCertificate* CreateNSSCertHandleFromOSHandle(SecCertificateRef cert_handle);
22 28
23 // Converts an NSS certificate handle (CERTCertificate*) into a 29 // Converts an NSS certificate handle (CERTCertificate*) into a
24 // Security.framework handle (SecCertificateRef) 30 // Security.framework handle (SecCertificateRef)
25 SecCertificateRef CreateOSCertHandleFromNSSHandle( 31 SecCertificateRef CreateOSCertHandleFromNSSHandle(
26 CERTCertificate* nss_cert_handle); 32 CERTCertificate* nss_cert_handle);
27 33
34 // Create a new X509Certificate from the specified NSS server cert and
35 // intermediates. This is functionally equivalent to
36 // X509Certificate::CreateFromHandle(), except it supports receiving
37 // NSS CERTCertificate*s rather than iOS SecCertificateRefs.
38 X509Certificate* CreateCertFromNSSHandles(
39 CERTCertificate* cert_handle,
40 const std::vector<CERTCertificate*>& intermediates);
41
42 SHA1HashValue CalculateFingerprintNSS(CERTCertificate* cert);
43
28 // This is a wrapper class around the native NSS certificate handle. 44 // This is a wrapper class around the native NSS certificate handle.
29 // The constructor copies the certificate data from |cert_handle| and 45 // The constructor copies the certificate data from |cert_handle| and
30 // uses the NSS library to parse it. 46 // uses the NSS library to parse it.
31 class NSSCertificate { 47 class NSSCertificate {
32 public: 48 public:
33 explicit NSSCertificate(SecCertificateRef cert_handle); 49 explicit NSSCertificate(SecCertificateRef cert_handle);
34 ~NSSCertificate(); 50 ~NSSCertificate();
35 CERTCertificate* cert_handle(); 51 CERTCertificate* cert_handle() const;
36 private: 52 private:
37 CERTCertificate* nss_cert_handle_; 53 CERTCertificate* nss_cert_handle_;
38 }; 54 };
39 55
56 // A wrapper class that loads a certificate and all of its intermediates into
57 // NSS. This is necessary for libpkix path building to be able to locate
58 // needed intermediates.
59 class NSSCertChain {
60 public:
61 explicit NSSCertChain(X509Certificate* certificate);
62 ~NSSCertChain();
63 CERTCertificate* cert_handle() const;
64 private:
65 std::vector<CERTCertificate*> certs_;
66 };
67
40 } // namespace x509_util_ios 68 } // namespace x509_util_ios
41 } // namespace net 69 } // namespace net
42 70
43 #endif // NET_BASE_X509_UTIL_IOS_H_ 71 #endif // NET_BASE_X509_UTIL_IOS_H_
OLDNEW
« no previous file with comments | « net/base/net_test_suite.cc ('k') | net/base/x509_util_ios.cc » ('j') | net/base/x509_util_ios.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698