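// Copyright (c) 2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_BASE_EV_ROOT_CA_METADATA_H_
#define NET_BASE_EV_ROOT_CA_METADATA_H_
#pragma once

#include "build/build_config.h"

#if defined(USE_NSS)
#include <secoidt.h>
#endif

#include <stddef.h>

#include <map>
#include <vector>

#include "net/base/x509_certificate.h"

namespace base {
template <typename T>
struct DefaultLazyInstanceTraits;
}  // namespace base

namespace net {

// A singleton.  This class stores the meta data of the root CAs that issue
// extended-validation (EV) certificates.
//
// The table is keyed on the SHA-1 fingerprint of a root CA certificate and
// yields at most one EV policy OID per root (see PolicyOidMap below).
//
// NOTE(review): a positive answer from this class only says "this fingerprint
// is a known EV root and this OID is its EV policy".  It is not a chain
// validation result.  Callers should pass the fingerprint of the root that the
// certificate verifier actually chained to, not a fingerprint taken from
// unverified peer-supplied certificates -- confirm at the call sites.
class EVRootCAMetadata {
 public:
  // The representation of a policy OID is platform dependent: an NSS OID tag
  // when built with NSS, otherwise a C string.
  //
  // NOTE(review): with the const char* representation, operator== compares
  // pointers rather than OID text.  PolicyOIDsAreEqual() is declared below,
  // presumably for that reason; its definition is not visible in this header.
#if defined(USE_NSS)
  typedef SECOidTag PolicyOID;
#else
  typedef const char* PolicyOID;
#endif

  // Returns the process-wide instance.  Construction is private and delegated
  // to base::DefaultLazyInstanceTraits (see the friend declaration below).
  static EVRootCAMetadata* GetInstance();

  // If the root CA cert has an EV policy OID, returns true and stores the
  // policy OID in *policy_oid.  Otherwise, returns false.
  bool GetPolicyOID(const SHA1Fingerprint& fingerprint,
                    PolicyOID* policy_oid) const;

  // Returns a pointer to the first of NumPolicyOIDs() policy OIDs.  The
  // storage is owned by this object (or is static on Windows); callers must
  // not free it.
#if defined(OS_WIN)
  const PolicyOID* GetPolicyOIDs() const { return &policy_oids_[0]; }
  int NumPolicyOIDs() const { return num_policy_oids_; }
#else
  const PolicyOID* GetPolicyOIDs() const {
    // Indexing element 0 of an empty vector is undefined behavior, so an
    // empty table is reported as NULL together with NumPolicyOIDs() == 0.
    if (policy_oids_.empty())
      return NULL;
    return &policy_oids_[0];
  }
  // size() is a size_t; the narrowing to the int return type is made explicit.
  int NumPolicyOIDs() const { return static_cast<int>(policy_oids_.size()); }
#endif

  // Returns true if policy_oid is an EV policy OID of some root CA.
  bool IsEVPolicyOID(PolicyOID policy_oid) const;

  // Returns true if the root CA with the given certificate fingerprint has
  // the EV policy OID policy_oid.
  bool HasEVPolicyOID(const SHA1Fingerprint& fingerprint,
                      PolicyOID policy_oid) const;

 private:
  friend struct base::DefaultLazyInstanceTraits<EVRootCAMetadata>;

  // One entry per EV root: fingerprint -> that root's single EV policy OID.
  typedef std::map<SHA1Fingerprint, PolicyOID,
                   SHA1FingerprintLessThan> PolicyOidMap;

  EVRootCAMetadata();
  ~EVRootCAMetadata();

  // Compares two policy OIDs for equality in the platform's representation.
  static bool PolicyOIDsAreEqual(PolicyOID a, PolicyOID b);

  // Maps an EV root CA cert's SHA-1 fingerprint to its EV policy OID.
  PolicyOidMap ev_policy_;

  // The list of EV policy OIDs handed out by GetPolicyOIDs().  On Windows it
  // is a static array defined elsewhere with its length kept in
  // num_policy_oids_; on other platforms it is a per-instance vector.
#if defined(OS_WIN)
  static const PolicyOID policy_oids_[];
  int num_policy_oids_;
#else
  std::vector<PolicyOID> policy_oids_;
#endif

  // NOTE(review): this macro is not defined by any header named directly in
  // this file; presumably it arrives through net/base/x509_certificate.h --
  // confirm.
  DISALLOW_COPY_AND_ASSIGN(EVRootCAMetadata);
};

}  // namespace net

#endif  // NET_BASE_EV_ROOT_CA_METADATA_H_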