OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_CERT_X509_CERTIFICATE_H_ | 5 #ifndef NET_CERT_X509_CERTIFICATE_H_ |
6 #define NET_CERT_X509_CERTIFICATE_H_ | 6 #define NET_CERT_X509_CERTIFICATE_H_ |
7 | 7 |
8 #include <stddef.h> | 8 #include <stddef.h> |
9 #include <string.h> | 9 #include <string.h> |
10 | 10 |
11 #include <string> | 11 #include <string> |
12 #include <vector> | 12 #include <vector> |
13 | 13 |
14 #include "base/gtest_prod_util.h" | 14 #include "base/gtest_prod_util.h" |
15 #include "base/macros.h" | 15 #include "base/macros.h" |
16 #include "base/memory/ref_counted.h" | 16 #include "base/memory/ref_counted.h" |
17 #include "base/strings/string_piece.h" | 17 #include "base/strings/string_piece.h" |
18 #include "base/time/time.h" | 18 #include "base/time/time.h" |
19 #include "net/base/net_export.h" | 19 #include "net/base/net_export.h" |
20 #include "net/cert/cert_type.h" | 20 #include "net/cert/cert_type.h" |
21 #include "net/cert/x509_cert_types.h" | 21 #include "net/cert/x509_cert_types.h" |
22 | 22 |
23 #if defined(OS_WIN) | 23 #if defined(USE_BYTE_CERTS) |
| 24 #include "third_party/boringssl/src/include/openssl/base.h" |
| 25 #elif defined(OS_WIN) |
24 #include <windows.h> | 26 #include <windows.h> |
25 #include "crypto/wincrypt_shim.h" | 27 #include "crypto/wincrypt_shim.h" |
26 #elif defined(OS_MACOSX) | 28 #elif defined(OS_MACOSX) |
27 #include <CoreFoundation/CFArray.h> | 29 #include <CoreFoundation/CFArray.h> |
28 #include <Security/SecBase.h> | 30 #include <Security/SecBase.h> |
29 #elif defined(USE_OPENSSL_CERTS) | 31 #elif defined(USE_OPENSSL_CERTS) |
30 // Forward declaration; real one in <x509.h> | 32 // Forward declaration; real one in <x509.h> |
31 typedef struct x509_st X509; | 33 typedef struct x509_st X509; |
32 typedef struct x509_store_st X509_STORE; | 34 typedef struct x509_store_st X509_STORE; |
33 #elif defined(USE_NSS_CERTS) | 35 #elif defined(USE_NSS_CERTS) |
(...skipping 15 matching lines...) Expand all Loading... |
49 // X509Certificate represents a X.509 certificate, which is comprised a | 51 // X509Certificate represents a X.509 certificate, which is comprised a |
50 // particular identity or end-entity certificate, such as an SSL server | 52 // particular identity or end-entity certificate, such as an SSL server |
51 // identity or an SSL client certificate, and zero or more intermediate | 53 // identity or an SSL client certificate, and zero or more intermediate |
52 // certificates that may be used to build a path to a root certificate. | 54 // certificates that may be used to build a path to a root certificate. |
53 class NET_EXPORT X509Certificate | 55 class NET_EXPORT X509Certificate |
54 : public base::RefCountedThreadSafe<X509Certificate> { | 56 : public base::RefCountedThreadSafe<X509Certificate> { |
55 public: | 57 public: |
56 // An OSCertHandle is a handle to a certificate object in the underlying | 58 // An OSCertHandle is a handle to a certificate object in the underlying |
57 // crypto library. We assume that OSCertHandle is a pointer type on all | 59 // crypto library. We assume that OSCertHandle is a pointer type on all |
58 // platforms and that NULL represents an invalid OSCertHandle. | 60 // platforms and that NULL represents an invalid OSCertHandle. |
59 #if defined(OS_WIN) | 61 #if defined(USE_BYTE_CERTS) |
| 62 // TODO(mattm): Remove OSCertHandle type and clean up the interfaces once all |
| 63 // platforms use the CRYPTO_BUFFER version. |
| 64 typedef CRYPTO_BUFFER* OSCertHandle; |
| 65 #elif defined(OS_WIN) |
60 typedef PCCERT_CONTEXT OSCertHandle; | 66 typedef PCCERT_CONTEXT OSCertHandle; |
61 #elif defined(OS_MACOSX) | 67 #elif defined(OS_MACOSX) |
62 typedef SecCertificateRef OSCertHandle; | 68 typedef SecCertificateRef OSCertHandle; |
63 #elif defined(USE_OPENSSL_CERTS) | 69 #elif defined(USE_OPENSSL_CERTS) |
64 typedef X509* OSCertHandle; | 70 typedef X509* OSCertHandle; |
65 #elif defined(USE_NSS_CERTS) | 71 #elif defined(USE_NSS_CERTS) |
66 typedef struct CERTCertificateStr* OSCertHandle; | 72 typedef struct CERTCertificateStr* OSCertHandle; |
67 #else | 73 #else |
68 // TODO(ericroman): not implemented | 74 // TODO(ericroman): not implemented |
69 typedef void* OSCertHandle; | 75 typedef void* OSCertHandle; |
(...skipping 144 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
214 // Returns true if this object and |other| represent the same certificate. | 220 // Returns true if this object and |other| represent the same certificate. |
215 bool Equals(const X509Certificate* other) const; | 221 bool Equals(const X509Certificate* other) const; |
216 | 222 |
217 // Returns intermediate certificates added via AddIntermediateCertificate(). | 223 // Returns intermediate certificates added via AddIntermediateCertificate(). |
218 // Ownership follows the "get" rule: it is the caller's responsibility to | 224 // Ownership follows the "get" rule: it is the caller's responsibility to |
219 // retain the elements of the result. | 225 // retain the elements of the result. |
220 const OSCertHandles& GetIntermediateCertificates() const { | 226 const OSCertHandles& GetIntermediateCertificates() const { |
221 return intermediate_ca_certs_; | 227 return intermediate_ca_certs_; |
222 } | 228 } |
223 | 229 |
224 #if defined(OS_MACOSX) | 230 #if defined(OS_IOS) |
225 // Returns a new CFMutableArrayRef containing this certificate and its | 231 // Returns a new CFMutableArrayRef containing this certificate and its |
226 // intermediate certificates in the form expected by Security.framework | 232 // intermediate certificates in the form expected by Security.framework |
227 // and Keychain Services, or NULL on failure. | 233 // and Keychain Services, or NULL on failure. |
228 // The first item in the array will be this certificate, followed by its | 234 // The first item in the array will be this certificate, followed by its |
229 // intermediates, if any. | 235 // intermediates, if any. |
230 CFMutableArrayRef CreateOSCertChainForCert() const; | 236 CFMutableArrayRef CreateOSCertChainForCert() const; |
231 #endif | 237 #endif |
232 | 238 |
233 // Do any of the given issuer names appear in this cert's chain of trust? | 239 // Do any of the given issuer names appear in this cert's chain of trust? |
234 // |valid_issuers| is a list of DER-encoded X.509 DistinguishedNames. | 240 // |valid_issuers| is a list of DER-encoded X.509 DistinguishedNames. |
(...skipping 216 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
451 // Untrusted intermediate certificates associated with this certificate | 457 // Untrusted intermediate certificates associated with this certificate |
452 // that may be needed for chain building. | 458 // that may be needed for chain building. |
453 OSCertHandles intermediate_ca_certs_; | 459 OSCertHandles intermediate_ca_certs_; |
454 | 460 |
455 DISALLOW_COPY_AND_ASSIGN(X509Certificate); | 461 DISALLOW_COPY_AND_ASSIGN(X509Certificate); |
456 }; | 462 }; |
457 | 463 |
458 } // namespace net | 464 } // namespace net |
459 | 465 |
460 #endif // NET_CERT_X509_CERTIFICATE_H_ | 466 #endif // NET_CERT_X509_CERTIFICATE_H_ |
OLD | NEW |