cert_verify_proc_chromeos.h revision 5d1f7b1de12d16ceb2c938c56701a3e8bfa558f7
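// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROME_BROWSER_CHROMEOS_NET_CERT_VERIFY_PROC_CHROMEOS_H_
#define CHROME_BROWSER_CHROMEOS_NET_CERT_VERIFY_PROC_CHROMEOS_H_

// std::string appears in the VerifyInternal() signature below; include it
// directly instead of relying on a transitive include.
#include <string>

#include "crypto/scoped_nss_types.h"
#include "net/cert/cert_verify_proc_nss.h"
#include "net/cert/nss_profile_filter_chromeos.h"

namespace chromeos {

// Wrapper around CertVerifyProcNSS which allows filtering trust decisions on a
// per-slot basis.
//
// Note that only the simple case is currently handled (if a slot contains a new
// trust root, that root should not be trusted by CertVerifyProcChromeOS
// instances using other slots). More complicated cases are not handled (like
// two slots adding the same root cert but with different trust values).
//
// NOTE(review): because of the unhandled cases above, this filter should not
// be read as a complete isolation boundary between slots' trust settings. It
// only claims to keep a root that is new to one slot from being trusted by
// instances that use other slots.
class CertVerifyProcChromeOS : public net::CertVerifyProcNSS {
 public:
  // Creates a CertVerifyProc that doesn't allow any user-provided trust roots.
  CertVerifyProcChromeOS();

  // Creates a CertVerifyProc that doesn't allow trust roots provided by
  // users other than the specified slot.
  //
  // |public_slot| is a scoped NSS slot handle taken by value.
  // NOTE(review): presumably ownership of the slot reference moves into
  // |profile_filter_| -- confirm in the .cc.
  explicit CertVerifyProcChromeOS(crypto::ScopedPK11Slot public_slot);

 protected:
  // Not publicly destructible.
  // NOTE(review): presumably because instances are ref-counted through the
  // base class -- confirm against net::CertVerifyProc.
  virtual ~CertVerifyProcChromeOS();

 private:
  // net::CertVerifyProcNSS implementation:
  //
  // Verifies |cert| for |hostname| and fills in |*verify_result|; the int
  // return value is the verification status.
  // NOTE(review): how |additional_trust_anchors| interacts with the per-slot
  // filter is not visible from this header -- check the .cc for whether
  // caller-supplied anchors are subject to |profile_filter_|.
  virtual int VerifyInternal(
      net::X509Certificate* cert,
      const std::string& hostname,
      int flags,
      net::CRLSet* crl_set,
      const net::CertificateList& additional_trust_anchors,
      net::CertVerifyResult* verify_result) OVERRIDE;

  // Check if the trust root of |current_chain| is allowed.
  // |is_chain_valid_arg| is actually a ChainVerifyArgs*, which is used to pass
  // state through the NSS CERTChainVerifyCallback.isChainValidArg parameter.
  // If the chain is allowed, |*chain_ok| will be set to PR_TRUE.
  // If the chain is not allowed, |*chain_ok| is set to PR_FALSE, and this
  // function may be called again during a single certificate verification if
  // there are multiple possible valid chains.
  //
  // The void* carries no type information, so this function must only be
  // registered as the callback together with a ChainVerifyArgs* argument.
  // Because it can run several times per verification, it should not assume
  // it sees exactly one chain.
  // NOTE(review): when reviewing the .cc, confirm |*chain_ok| is written on
  // every return path so that an early exit cannot leave the chain accepted.
  static SECStatus IsChainValidFunc(void* is_chain_valid_arg,
                                    const CERTCertList* current_chain,
                                    PRBool* chain_ok);

  // Per-profile NSS filter used for the trust-root decision.
  // NOTE(review): presumably configured by the constructors (no user roots
  // for the default one, |public_slot| for the other) -- confirm in the .cc.
  net::NSSProfileFilterChromeOS profile_filter_;
};

}  // namespace chromeos

#endif  // CHROME_BROWSER_CHROMEOS_NET_CERT_VERIFY_PROC_CHROMEOS_H_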