Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(256)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/ev_root_ca_metadata.h

Issue 10826257: Implement SHA-256 fingerprint support (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 8 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« net/base/cert_verify_proc.cc ('K') | « net/base/cert_verify_result.cc ('k') | net/base/ev_root_ca_metadata.cc » ('j') | net/base/ssl_info.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_BASE_EV_ROOT_CA_METADATA_H_ 5 #ifndef NET_BASE_EV_ROOT_CA_METADATA_H_
6 #define NET_BASE_EV_ROOT_CA_METADATA_H_ 6 #define NET_BASE_EV_ROOT_CA_METADATA_H_
7 7
8 #include "build/build_config.h" 8 #include "build/build_config.h"
9 9
10 #if defined(USE_NSS) 10 #if defined(USE_NSS)
11 #include <secoidt.h> 11 #include <secoidt.h>
12 #endif 12 #endif
13 13
14 #include <map> 14 #include <map>
15 #include <string>
15 #include <vector> 16 #include <vector>
16 17
17 #include "net/base/net_export.h" 18 #include "net/base/net_export.h"
18 #include "net/base/x509_certificate.h" 19 #include "net/base/x509_certificate.h"
19 20
20 namespace base { 21 namespace base {
21 template <typename T> 22 template <typename T>
22 struct DefaultLazyInstanceTraits; 23 struct DefaultLazyInstanceTraits;
23 } // namespace base 24 } // namespace base
24 25
25 namespace net { 26 namespace net {
26 27
27 // A singleton. This class stores the meta data of the root CAs that issue 28 // A singleton. This class stores the meta data of the root CAs that issue
28 // extended-validation (EV) certificates. 29 // extended-validation (EV) certificates.
29 class NET_EXPORT_PRIVATE EVRootCAMetadata { 30 class NET_EXPORT_PRIVATE EVRootCAMetadata {
30 public: 31 public:
31 #if defined(USE_NSS) 32 #if defined(USE_NSS)
32 typedef SECOidTag PolicyOID; 33 typedef SECOidTag PolicyOID;
33 #elif defined(OS_WIN) 34 #elif defined(OS_WIN)
34 typedef const char* PolicyOID; 35 typedef const char* PolicyOID;
35 #endif 36 #endif
36 37
37 static EVRootCAMetadata* GetInstance(); 38 static EVRootCAMetadata* GetInstance();
38 39
39 #if defined(USE_NSS) 40 #if defined(USE_NSS)
40 // If the root CA cert has an EV policy OID, returns true and appends the 41 // If the root CA cert has an EV policy OID, returns true and appends the
41 // policy OIDs to |*policy_oids|. Otherwise, returns false. 42 // policy OIDs to |*policy_oids|. Otherwise, returns false.
42 bool GetPolicyOIDsForCA(const SHA1Fingerprint& fingerprint, 43 bool GetPolicyOIDsForCA(const SHA1HashValue& fingerprint,
43 std::vector<PolicyOID>* policy_oids) const; 44 std::vector<PolicyOID>* policy_oids) const;
44 const PolicyOID* GetPolicyOIDs() const; 45 const PolicyOID* GetPolicyOIDs() const;
45 int NumPolicyOIDs() const; 46 int NumPolicyOIDs() const;
46 #elif defined(OS_WIN) 47 #elif defined(OS_WIN)
47 // Returns true if policy_oid is an EV policy OID of some root CA. 48 // Returns true if policy_oid is an EV policy OID of some root CA.
48 bool IsEVPolicyOID(PolicyOID policy_oid) const; 49 bool IsEVPolicyOID(PolicyOID policy_oid) const;
49 50
50 // Returns true if the root CA with the given certificate fingerprint has 51 // Returns true if the root CA with the given certificate fingerprint has
51 // the EV policy OID policy_oid. 52 // the EV policy OID policy_oid.
52 bool HasEVPolicyOID(const SHA1Fingerprint& fingerprint, 53 bool HasEVPolicyOID(const SHA1HashValue& fingerprint,
53 PolicyOID policy_oid) const; 54 PolicyOID policy_oid) const;
54 #endif 55 #endif
55 56
56 // AddEVCA adds an EV CA to the list of known EV CAs with the given policy. 57 // AddEVCA adds an EV CA to the list of known EV CAs with the given policy.
57 // |policy| is expressed as a string of dotted numbers. It returns true on 58 // |policy| is expressed as a string of dotted numbers. It returns true on
58 // success. 59 // success.
59 bool AddEVCA(const SHA1Fingerprint& fingerprint, const char* policy); 60 bool AddEVCA(const SHA1HashValue& fingerprint, const char* policy);
60 61
61 // RemoveEVCA removes an EV CA that was previously added by AddEVCA. It 62 // RemoveEVCA removes an EV CA that was previously added by AddEVCA. It
62 // returns true on success. 63 // returns true on success.
63 bool RemoveEVCA(const SHA1Fingerprint& fingerprint); 64 bool RemoveEVCA(const SHA1HashValue& fingerprint);
64 65
65 private: 66 private:
66 friend struct base::DefaultLazyInstanceTraits<EVRootCAMetadata>; 67 friend struct base::DefaultLazyInstanceTraits<EVRootCAMetadata>;
67 68
68 EVRootCAMetadata(); 69 EVRootCAMetadata();
69 ~EVRootCAMetadata(); 70 ~EVRootCAMetadata();
70 71
71 #if defined(USE_NSS) 72 #if defined(USE_NSS)
72 typedef std::map<SHA1Fingerprint, std::vector<PolicyOID>, 73 typedef std::map<SHA1HashValue, std::vector<PolicyOID>,
73 SHA1FingerprintLessThan> PolicyOIDMap; 74 SHA1HashValueLessThan> PolicyOIDMap;
74 75
75 // RegisterOID registers |policy|, a policy OID in dotted string form, and 76 // RegisterOID registers |policy|, a policy OID in dotted string form, and
76 // writes the memoized form to |*out|. It returns true on success. 77 // writes the memoized form to |*out|. It returns true on success.
77 static bool RegisterOID(const char* policy, PolicyOID* out); 78 static bool RegisterOID(const char* policy, PolicyOID* out);
78 79
79 PolicyOIDMap ev_policy_; 80 PolicyOIDMap ev_policy_;
80 std::vector<PolicyOID> policy_oids_; 81 std::vector<PolicyOID> policy_oids_;
81 #elif defined(OS_WIN) 82 #elif defined(OS_WIN)
82 typedef std::map<SHA1Fingerprint, std::string, 83 typedef std::map<SHA1HashValue, std::string,
83 SHA1FingerprintLessThan> ExtraEVCAMap; 84 SHA1HashValueLessThan> ExtraEVCAMap;
84 85
85 // extra_cas_ contains any EV CA metadata that was added at runtime. 86 // extra_cas_ contains any EV CA metadata that was added at runtime.
86 ExtraEVCAMap extra_cas_; 87 ExtraEVCAMap extra_cas_;
87 #endif 88 #endif
88 89
89 DISALLOW_COPY_AND_ASSIGN(EVRootCAMetadata); 90 DISALLOW_COPY_AND_ASSIGN(EVRootCAMetadata);
90 }; 91 };
91 92
92 } // namespace net 93 } // namespace net
93 94
94 #endif // NET_BASE_EV_ROOT_CA_METADATA_H_ 95 #endif // NET_BASE_EV_ROOT_CA_METADATA_H_
OLDNEW
« net/base/cert_verify_proc.cc ('K') | « net/base/cert_verify_result.cc ('k') | net/base/ev_root_ca_metadata.cc » ('j') | net/base/ssl_info.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698