// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef NET_CERT_CERT_VERIFY_PROC_MAC_H_
#define NET_CERT_CERT_VERIFY_PROC_MAC_H_
#include "base/supports_user_data.h"
#include "net/base/net_export.h"
#include "net/cert/cert_verify_proc.h"
namespace net {
// Performs certificate path construction and validation using OS X's
// Security.framework.
class NET_EXPORT_PRIVATE CertVerifyProcMac : public CertVerifyProc {
 public:
  // Diagnostic record of a single Security.framework evaluation. It is a
  // base::SupportsUserData::Data so it can be attached to whatever object the
  // caller hands to Create(), and it keeps the raw trust result, CSSM result
  // code and per-certificate status chain that are otherwise lost once they
  // have been mapped onto a CertVerifyResult.
  class ResultDebugData : public base::SupportsUserData::Data {
   public:
    // Status reported for one certificate of the evaluated chain.
    //
    // Only constructors are declared here: the struct is copy- and
    // move-constructible but, because of the user-declared move constructor
    // and the absence of any assignment operator, it is not assignable.
    struct CertEvidenceInfo {
      CertEvidenceInfo();
      CertEvidenceInfo(const CertEvidenceInfo&);
      CertEvidenceInfo(CertEvidenceInfo&&);
      ~CertEvidenceInfo();

      // Bitfield of per-certificate status flags, as defined in cssmapple.h.
      uint32_t status_bits;
      // CSSM_RETURN status codes for this certificate, as defined in
      // cssmtype.h (values in cssmerr.h and cssmErrorStrings.h).
      std::vector<int32_t> status_codes;
    };

    ResultDebugData(uint32_t trust_result,
                    int32_t result_code,
                    std::vector<CertEvidenceInfo> status_chain);
    ResultDebugData(const ResultDebugData&);
    ~ResultDebugData() override;

    // Returns the ResultDebugData attached to |debug_data|.
    // NOTE(review): presumably nullptr when none was attached — confirm
    // against the definition in the .cc.
    static const ResultDebugData* Get(const base::SupportsUserData* debug_data);

    // Builds a ResultDebugData from the given evaluation outputs and attaches
    // it to |debug_data| (which is the only reason it takes a non-const
    // pointer, as far as this header shows).
    static void Create(uint32_t trust_result,
                       int32_t result_code,
                       std::vector<CertEvidenceInfo> status_chain,
                       base::SupportsUserData* debug_data);

    // Read-only access to the stored evaluation outputs; see the member
    // comments below for their origin.
    uint32_t trust_result() const { return trust_result_; }
    int32_t result_code() const { return result_code_; }
    const std::vector<CertEvidenceInfo>& status_chain() const {
      return status_chain_;
    }

    // base::SupportsUserData::Data implementation:
    std::unique_ptr<Data> Clone() override;

   private:
    // SecTrustResultType returned by SecTrustEvaluate.
    uint32_t trust_result_;
    // OSStatus resultCode returned by SecTrustGetCssmResultCode.
    int32_t result_code_;
    // CSSM_TP_APPLE_EVIDENCE_INFO statusChain from SecTrustGetResult; one
    // entry per certificate of the verified chain, leaf first.
    std::vector<CertEvidenceInfo> status_chain_;
  };

  CertVerifyProcMac();

  // CertVerifyProc implementation:
  bool SupportsAdditionalTrustAnchors() const override;

 protected:
  ~CertVerifyProcMac() override;

 private:
  // CertVerifyProc implementation. Verifies |cert| for |hostname| using
  // Security.framework (see the class comment), honouring |flags|, |crl_set|
  // and |additional_trust_anchors|, and fills in |verify_result|.
  // |ocsp_response| and |sct_list| carry the stapled OCSP response and SCT
  // list handed over by the caller; |net_log| receives the verification's
  // log events. Returns a net error code per the CertVerifyProc contract.
  int VerifyInternal(X509Certificate* cert,
                     const std::string& hostname,
                     const std::string& ocsp_response,
                     const std::string& sct_list,
                     int flags,
                     CRLSet* crl_set,
                     const CertificateList& additional_trust_anchors,
                     CertVerifyResult* verify_result,
                     const NetLogWithSource& net_log) override;
};
} // namespace net
#endif // NET_CERT_CERT_VERIFY_PROC_MAC_H_