OLD | NEW |
| (Empty) |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 // This file contains functions for iOS to glue NSS and Security.framework | |
6 // together. | |
7 | |
8 #ifndef NET_CERT_X509_UTIL_IOS_H_ | |
9 #define NET_CERT_X509_UTIL_IOS_H_ | |
10 | |
11 #include <Security/Security.h> | |
12 #include <vector> | |
13 | |
14 #include "base/memory/ref_counted.h" | |
15 #include "net/cert/x509_cert_types.h" | |
16 | |
17 // Forward declaration; real one in <cert.h> | |
18 typedef struct CERTCertificateStr CERTCertificate; | |
19 | |
20 namespace net { | |
21 | |
22 class X509Certificate; | |
23 | |
24 namespace x509_util_ios { | |
25 | |
26 // Converts a Security.framework certificate handle (SecCertificateRef) into | |
27 // an NSS certificate handle (CERTCertificate*). | |
28 CERTCertificate* CreateNSSCertHandleFromOSHandle(SecCertificateRef cert_handle); | |
29 | |
30 // Converts an NSS certificate handle (CERTCertificate*) into a | |
31 // Security.framework handle (SecCertificateRef) | |
32 SecCertificateRef CreateOSCertHandleFromNSSHandle( | |
33 CERTCertificate* nss_cert_handle); | |
34 | |
35 // Create a new X509Certificate from the specified NSS server cert and | |
36 // intermediates. This is functionally equivalent to | |
37 // X509Certificate::CreateFromHandle(), except it supports receiving | |
38 // NSS CERTCertificate*s rather than iOS SecCertificateRefs. | |
39 scoped_refptr<X509Certificate> CreateCertFromNSSHandles( | |
40 CERTCertificate* cert_handle, | |
41 const std::vector<CERTCertificate*>& intermediates); | |
42 | |
43 SHA1HashValue CalculateFingerprintNSS(CERTCertificate* cert); | |
44 | |
45 // This is a wrapper class around the native NSS certificate handle. | |
46 // The constructor copies the certificate data from |cert_handle| and | |
47 // uses the NSS library to parse it. | |
48 class NSSCertificate { | |
49 public: | |
50 explicit NSSCertificate(SecCertificateRef cert_handle); | |
51 ~NSSCertificate(); | |
52 CERTCertificate* cert_handle() const; | |
53 private: | |
54 CERTCertificate* nss_cert_handle_; | |
55 }; | |
56 | |
57 // A wrapper class that loads a certificate and all of its intermediates into | |
58 // NSS. This is necessary for libpkix path building to be able to locate | |
59 // needed intermediates. | |
60 class NSSCertChain { | |
61 public: | |
62 explicit NSSCertChain(X509Certificate* certificate); | |
63 ~NSSCertChain(); | |
64 CERTCertificate* cert_handle() const; | |
65 const std::vector<CERTCertificate*>& cert_chain() const; | |
66 private: | |
67 std::vector<CERTCertificate*> certs_; | |
68 }; | |
69 | |
70 } // namespace x509_util_ios | |
71 } // namespace net | |
72 | |
73 #endif // NET_CERT_X509_UTIL_IOS_H_ | |
OLD | NEW |