Chromium Code Reviews Chromium Code Reviews
Issue 137553004:
NSS Cros multiprofile: trust roots added by a profile shouldn't apply to other profiles. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_CERT_TEST_ROOT_CERTS_H_ | 5 #ifndef NET_CERT_TEST_ROOT_CERTS_H_ |
| 6 #define NET_CERT_TEST_ROOT_CERTS_H_ | 6 #define NET_CERT_TEST_ROOT_CERTS_H_ |
| 7 | 7 |
| 8 #include "base/lazy_instance.h" | 8 #include "base/lazy_instance.h" |
| 9 #include "base/memory/ref_counted.h" | 9 #include "base/memory/ref_counted.h" |
| 10 #include "build/build_config.h" | 10 #include "build/build_config.h" |
| 11 #include "net/base/net_export.h" | 11 #include "net/base/net_export.h" |
| 12 #include "net/cert/x509_certificate.h" | |
| 12 | 13 |
| 13 #if defined(USE_NSS) || defined(OS_IOS) | 14 #if defined(USE_NSS) || defined(OS_IOS) |
| 14 #include <list> | 15 #include <list> |
| 15 #elif defined(USE_OPENSSL) && !defined(OS_ANDROID) | 16 #elif defined(USE_OPENSSL) && !defined(OS_ANDROID) |
| 16 #include <vector> | 17 #include <vector> |
| 17 #elif defined(OS_WIN) | 18 #elif defined(OS_WIN) |
| 18 #include <windows.h> | 19 #include <windows.h> |
| 19 #include <wincrypt.h> | 20 #include <wincrypt.h> |
| 20 #elif defined(OS_MACOSX) | 21 #elif defined(OS_MACOSX) |
| 21 #include <CoreFoundation/CFArray.h> | 22 #include <CoreFoundation/CFArray.h> |
| 22 #include <Security/SecTrust.h> | 23 #include <Security/SecTrust.h> |
| 23 #include "base/mac/scoped_cftyperef.h" | 24 #include "base/mac/scoped_cftyperef.h" |
| 24 #endif | 25 #endif |
| 25 | 26 |
| 26 namespace base { | 27 namespace base { |
| 27 class FilePath; | 28 class FilePath; |
| 28 } | 29 } |
| 29 | 30 |
| 30 namespace net { | 31 namespace net { |
| 31 | 32 |
| 32 class X509Certificate; | |
| 33 | |
| 34 // TestRootCerts is a helper class for unit tests that is used to | 33 // TestRootCerts is a helper class for unit tests that is used to |
| 35 // artificially mark a certificate as trusted, independent of the local | 34 // artificially mark a certificate as trusted, independent of the local |
| 36 // machine configuration. | 35 // machine configuration. |
| 37 class NET_EXPORT_PRIVATE TestRootCerts { | 36 class NET_EXPORT TestRootCerts { |
| 38 public: | 37 public: |
| 39 // Obtains the Singleton instance to the trusted certificates. | 38 // Obtains the Singleton instance to the trusted certificates. |
| 40 static TestRootCerts* GetInstance(); | 39 static TestRootCerts* GetInstance(); |
| 41 | 40 |
| 42 // Returns true if an instance exists, without forcing an initialization. | 41 // Returns true if an instance exists, without forcing an initialization. |
| 43 static bool HasInstance(); | 42 static bool HasInstance(); |
| 44 | 43 |
| 45 // Marks |certificate| as trusted for X509Certificate::Verify(). Returns | 44 // Marks |certificate| as trusted for X509Certificate::Verify(). Returns |
| 46 // false if the certificate could not be marked trusted. | 45 // false if the certificate could not be marked trusted. |
| 47 bool Add(X509Certificate* certificate); | 46 bool Add(X509Certificate* certificate); |
| (...skipping 28 matching lines...) Expand all Loading... | |
| 76 #elif defined(OS_WIN) | 75 #elif defined(OS_WIN) |
| 77 HCERTSTORE temporary_roots() const { return temporary_roots_; } | 76 HCERTSTORE temporary_roots() const { return temporary_roots_; } |
| 78 | 77 |
| 79 // Returns an HCERTCHAINENGINE suitable to be used for certificate | 78 // Returns an HCERTCHAINENGINE suitable to be used for certificate |
| 80 // validation routines, or NULL to indicate that the default system chain | 79 // validation routines, or NULL to indicate that the default system chain |
| 81 // engine is appropriate. The caller is responsible for freeing the | 80 // engine is appropriate. The caller is responsible for freeing the |
| 82 // returned HCERTCHAINENGINE. | 81 // returned HCERTCHAINENGINE. |
| 83 HCERTCHAINENGINE GetChainEngine() const; | 82 HCERTCHAINENGINE GetChainEngine() const; |
| 84 #endif | 83 #endif |
| 85 | 84 |
| 85 #if defined(USE_NSS) || defined(OS_IOS) || \ | |
| 86 (defined(USE_OPENSSL) && !defined(OS_ANDROID)) | |
| 87 bool Contains(X509Certificate::OSCertHandle cert) const; | |
|
Ryan Sleevi
2014/01/30 05:27:40
Not a terrible fan of passing the OSCertHandle, al
mattm
2014/02/04 05:31:21
Done.
| |
| 88 #endif | |
| 89 | |
| 86 private: | 90 private: |
| 87 friend struct base::DefaultLazyInstanceTraits<TestRootCerts>; | 91 friend struct base::DefaultLazyInstanceTraits<TestRootCerts>; |
| 88 | 92 |
| 89 TestRootCerts(); | 93 TestRootCerts(); |
| 90 ~TestRootCerts(); | 94 ~TestRootCerts(); |
| 91 | 95 |
| 92 // Performs platform-dependent initialization. | 96 // Performs platform-dependent initialization. |
| 93 void Init(); | 97 void Init(); |
| 94 | 98 |
| 95 #if defined(USE_NSS) || defined(OS_IOS) | 99 #if defined(USE_NSS) || defined(OS_IOS) |
| (...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 131 | 135 |
| 132 private: | 136 private: |
| 133 scoped_refptr<X509Certificate> cert_; | 137 scoped_refptr<X509Certificate> cert_; |
| 134 | 138 |
| 135 DISALLOW_COPY_AND_ASSIGN(ScopedTestRoot); | 139 DISALLOW_COPY_AND_ASSIGN(ScopedTestRoot); |
| 136 }; | 140 }; |
| 137 | 141 |
| 138 } // namespace net | 142 } // namespace net |
| 139 | 143 |
| 140 #endif // NET_CERT_TEST_ROOT_CERTS_H_ | 144 #endif // NET_CERT_TEST_ROOT_CERTS_H_ |
| OLD | NEW |
