Side by Side Diff: net/cert/internal/trust_store.h

Issue 2225493003: Don't treat trust anchors as certificates during path building. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: address moar feedback Created 4 years, 4 months ago
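--- a/net/cert/internal/trust_store.h
+++ b/net/cert/internal/trust_store.h
@@ -1,57 +1,108 @@
 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_CERT_INTERNAL_TRUST_STORE_H_
 #define NET_CERT_INTERNAL_TRUST_STORE_H_
 
 #include <unordered_map>
 #include <vector>
 
 #include "base/memory/ref_counted.h"
 #include "base/strings/string_piece.h"
 #include "net/base/net_export.h"
 #include "net/cert/internal/parsed_certificate.h"
 
 namespace net {
 
 namespace der {
 class Input;
 }
 
+// A TrustAnchor represents a trust anchor used during RFC 5280 path validation.
+//
+// At its core, each trust anchor has two parts:
+// * Name
+// * Public Key
+//
+// Optionally a trust anchor may contain:
+// * An associated certificate
+// * Trust anchor constraints
+//
+// Relationship between ParsedCertificate and TrustAnchor:
+//
+// For convenience trust anchors are often described using a
+// (self-signed) certificate. TrustAnchor facilitates this by allowing
+// construction of a TrustAnchor given a ParsedCertificate, however
+// the concepts are NOT quite the same.
+//
+// Notably when constructed from a certificate, properties/constraints of
+// the underlying certificate like expiration, signature, or basic
+// constraints are NOT processed and validated by path validation.
+// Instead such properties need to be explicitly indicated via "trust
+// anchor constraints".
+//
+// See RFC 5937 and RFC 5280 for more details.
+class NET_EXPORT TrustAnchor : public base::RefCountedThreadSafe<TrustAnchor> {
+ public:
+  // Creates a TrustAnchor given a certificate. The only parts of the
+  // certificate that will be used are the subject and SPKI. Any extensions in
+  // the certificate that might limit its use (like name constraints or policy)
+  // are disregarded during validation. In other words, the resulting trust
+  // anchor has no anchor constraints.
+  static scoped_refptr<TrustAnchor> CreateFromCertificateNoConstraints(
+      scoped_refptr<ParsedCertificate> cert);
+
+  // TODO(crbug.com/635200): Support anchor constraints. For instance
+  // by adding factory method CreateFromCertificateWithConstraints()
+
+  der::Input spki() const;
+  der::Input normalized_subject() const;
+
+  // Returns the optional certificate representing this trust anchor.
+  // In the current implementation it will never return nullptr...
+  // however clients should be prepared to handle this case.
+  const scoped_refptr<ParsedCertificate>& cert() const;
+
+ private:
+  friend class base::RefCountedThreadSafe<TrustAnchor>;
+  explicit TrustAnchor(scoped_refptr<ParsedCertificate>);
+  ~TrustAnchor();
+
+  scoped_refptr<ParsedCertificate> cert_;
+};
+
+using TrustAnchors = std::vector<scoped_refptr<TrustAnchor>>;
+
 // A very simple implementation of a TrustStore, which contains a set of
-// trusted certificates.
+// trust anchors.
+//
 // TODO(mattm): convert this into an interface, provide implementations that
 // interface with OS trust store.
 class NET_EXPORT TrustStore {
  public:
   TrustStore();
   ~TrustStore();
 
   // Empties the trust store, resetting it to original state.
   void Clear();
 
-  // Adds a trusted certificate to the store.
-  void AddTrustedCertificate(scoped_refptr<ParsedCertificate> anchor);
+  void AddTrustAnchor(scoped_refptr<TrustAnchor> anchor);
 
   // Returns the trust anchors that match |name| in |*matches|, if any.
   void FindTrustAnchorsByNormalizedName(const der::Input& normalized_name,
-                                        ParsedCertificateList* matches) const;
-
-  // Returns true if |cert| matches a certificate in the TrustStore.
-  bool IsTrustedCertificate(const ParsedCertificate* cert) const
-      WARN_UNUSED_RESULT;
+                                        TrustAnchors* matches) const;
 
  private:
-  // Multimap from normalized subject -> ParsedCertificate.
+  // Multimap from normalized subject -> TrustAnchor.
   std::unordered_multimap<base::StringPiece,
-                          scoped_refptr<ParsedCertificate>,
+                          scoped_refptr<TrustAnchor>,
                           base::StringPieceHash>
       anchors_;
 
   DISALLOW_COPY_AND_ASSIGN(TrustStore);
 };
 
 }  // namespace net
 
 #endif  // NET_CERT_INTERNAL_TRUST_STORE_H_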
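Review bot: `AddTrustAnchor()` at new line 90 is the only public method on TrustStore left without a comment, whereas the `AddTrustedCertificate()` it replaces had one; since the class-level comment now stresses that an anchor built via `CreateFromCertificateNoConstraints()` carries no expiration, signature or extension checks, the call site is where a reader needs to be told what is actually being trusted. I would add above it: `// Adds |anchor| to the store. Anything added here is trusted unconditionally (no constraints are applied), so callers must only add anchors from a source they already trust.` The `anchors_` multimap is keyed by `base::StringPiece`, which presumably aliases the normalized-subject bytes owned by the anchor held in the value; a short comment on the member stating that lifetime dependency (and that `Clear()` is therefore the only safe way to drop entries) would make the invariant explicit — confirm against trust_store.cc. The body of `FindTrustAnchorsByNormalizedName()` is not in this file, so whether a null `anchor` is rejected before insertion cannot be judged here.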