1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef NET_BASE_EV_ROOT_CA_METADATA_H_ 6 #define NET_BASE_EV_ROOT_CA_METADATA_H_ 7 8 #include "build/build_config.h" 9 10 #if defined(USE_NSS) 11 #include <secoidt.h> 12 #endif 13 14 #include <map> 15 #include <vector> 16 17 #include "net/base/x509_certificate.h" 18 19 template <typename T> 20 struct DefaultSingletonTraits; 21 22 namespace net { 23 24 // A singleton. This class stores the meta data of the root CAs that issue 25 // extended-validation (EV) certificates. 26 class EVRootCAMetadata { 27 public: 28 #if defined(USE_NSS) 29 typedef SECOidTag PolicyOID; 30 #else 31 typedef const char* PolicyOID; 32 #endif 33 34 static EVRootCAMetadata* GetInstance(); 35 36 // If the root CA cert has an EV policy OID, returns true and stores the 37 // policy OID in *policy_oid. Otherwise, returns false. 38 bool GetPolicyOID(const X509Certificate::Fingerprint& fingerprint, 39 PolicyOID* policy_oid) const; 40 41 const PolicyOID* GetPolicyOIDs() const { return &policy_oids_[0]; } 42 int NumPolicyOIDs() const { return policy_oids_.size(); } 43 44 private: 45 EVRootCAMetadata(); 46 ~EVRootCAMetadata() { } 47 48 friend struct DefaultSingletonTraits<EVRootCAMetadata>; 49 50 typedef std::map<X509Certificate::Fingerprint, PolicyOID, 51 X509Certificate::FingerprintLessThan> PolicyOidMap; 52 53 // Maps an EV root CA cert's SHA-1 fingerprint to its EV policy OID. 54 PolicyOidMap ev_policy_; 55 56 std::vector<PolicyOID> policy_oids_; 57 58 DISALLOW_COPY_AND_ASSIGN(EVRootCAMetadata); 59 }; 60 61 } // namespace net 62 63 #endif // NET_BASE_EV_ROOT_CA_METADATA_H_ 64