| Index: net/cert/internal/trust_store.h
|
| diff --git a/net/cert/internal/trust_store.h b/net/cert/internal/trust_store.h
|
| index 0afbf9a425be72cedf2b92e3b69697175ca04973..237cc586860dffb059aeab3cedc9c9a0fd8070a7 100644
|
| --- a/net/cert/internal/trust_store.h
|
| +++ b/net/cert/internal/trust_store.h
|
| @@ -19,8 +19,53 @@ namespace der {
|
| class Input;
|
| }
|
|
|
| +// A TrustAnchor represents a trust anchor used during RFC 5280 path validation.
|
| +//
|
| +// At its core, a trust anchor has three parts:
|
| +// * Name
|
| +// * Public Key
|
| +// * Constraints
|
| +//
|
| +// For convenience trust anchors are often described using a self-signed
|
| +// certificate, and this class mirrors that representation.
|
| +//
|
| +// However note that a TrustAnchor is NOT the same thing as a certificate.
|
| +// Properties of a certificate like expiration and signature are not considered
|
| +// for trust anchors during path validation. Trust anchors can have equivalent
|
| +// constraints for extensions like name constraints, policy, basic constraints
|
| +// path len, however those anchor constraints need to be specified explicitly.
|
| +// See RFC 5937.
|
| +//
|
| +// TODO(crbug.com/635200): Support anchor constraints.
|
| +class NET_EXPORT TrustAnchor : public base::RefCountedThreadSafe<TrustAnchor> {
|
| + public:
|
| + // Creates a TrustAnchor given a certificate. The only parts of the
|
| + // certificate that will be used are the subject and SPKI. Any extensions in
|
| + // the certificate that might limit its use (like name constraints or policy)
|
| + // are disregarded during validation. In other words, the resulting trust
|
| + // anchor has no anchor constraints.
|
| + static scoped_refptr<TrustAnchor> CreateFromCertificateNoConstraints(
|
| + scoped_refptr<ParsedCertificate> cert);
|
| +
|
| + der::Input spki() const;
|
| + der::Input normalized_subject() const;
|
| +
|
| + // Returns the certificate representing this trust anchor.
|
| + const scoped_refptr<ParsedCertificate>& cert() const;
|
| +
|
| + private:
|
| + friend class base::RefCountedThreadSafe<TrustAnchor>;
|
| + explicit TrustAnchor(scoped_refptr<ParsedCertificate>);
|
| + ~TrustAnchor();
|
| +
|
| + scoped_refptr<ParsedCertificate> cert_;
|
| +};
|
| +
|
| +using TrustAnchors = std::vector<scoped_refptr<TrustAnchor>>;
|
| +
|
| // A very simple implementation of a TrustStore, which contains a set of
|
| -// trusted certificates.
|
| +// trust anchors.
|
| +//
|
| // TODO(mattm): convert this into an interface, provide implementations that
|
| // interface with OS trust store.
|
| class NET_EXPORT TrustStore {
|
| @@ -31,21 +76,16 @@ class NET_EXPORT TrustStore {
|
| // Empties the trust store, resetting it to original state.
|
| void Clear();
|
|
|
| - // Adds a trusted certificate to the store.
|
| - void AddTrustedCertificate(scoped_refptr<ParsedCertificate> anchor);
|
| + void AddTrustAnchor(scoped_refptr<TrustAnchor> anchor);
|
|
|
| // Returns the trust anchors that match |name| in |*matches|, if any.
|
| void FindTrustAnchorsByNormalizedName(const der::Input& normalized_name,
|
| - ParsedCertificateList* matches) const;
|
| -
|
| - // Returns true if |cert| matches a certificate in the TrustStore.
|
| - bool IsTrustedCertificate(const ParsedCertificate* cert) const
|
| - WARN_UNUSED_RESULT;
|
| + TrustAnchors* matches) const;
|
|
|
| private:
|
| - // Multimap from normalized subject -> ParsedCertificate.
|
| + // Multimap from normalized subject -> TrustAnchor.
|
| std::unordered_multimap<base::StringPiece,
|
| - scoped_refptr<ParsedCertificate>,
|
| + scoped_refptr<TrustAnchor>,
|
| base::StringPieceHash>
|
| anchors_;
|
|
|
|
|
Chromium Code Reviews
Issue 2225493003:
Don't treat trust anchors as certificates during path building. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master