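// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "net/base/test_root_certs.h"

#include <cert.h>

#include "base/logging.h"
#include "base/stl_util-inl.h"
#include "crypto/nss_util.h"
#include "net/base/x509_certificate.h"

namespace net {

// TrustEntry records a CERTCertificate together with the CERTCertTrust it
// carried before TestRootCerts rewrote its trust bits, so that Clear() can
// put the NSS certificate database back the way Add() found it.
class TestRootCerts::TrustEntry {
 public:
  // Creates a new TrustEntry by taking its own reference to |certificate|
  // (via CERT_DupCertificate) and copying |trust|.
  TrustEntry(CERTCertificate* certificate, CERTCertTrust trust);
  ~TrustEntry();

  // The certificate whose trust was changed; valid for this entry's lifetime.
  CERTCertificate* certificate() const { return certificate_; }
  // The trust bits to restore when the entry is removed.
  CERTCertTrust trust() const { return trust_; }

 private:
  // The temporary root certificate. This entry holds one reference, released
  // in the destructor.
  CERTCertificate* certificate_;

  // The original trust settings, before |certificate_| was manipulated to
  // be a temporarily trusted root.
  CERTCertTrust trust_;

  DISALLOW_COPY_AND_ASSIGN(TrustEntry);
};

TestRootCerts::TrustEntry::TrustEntry(CERTCertificate* certificate,
                                      CERTCertTrust trust)
    : certificate_(CERT_DupCertificate(certificate)),
      trust_(trust) {
}

TestRootCerts::TrustEntry::~TrustEntry() {
  CERT_DestroyCertificate(certificate_);
}

// Marks |certificate| as a trusted root in the process-wide default NSS
// certificate database (CERT_GetDefaultCertDB()). The elevated trust stays in
// effect until Clear() or the destructor restores the recorded original trust.
// Returns false, leaving the database untouched, if either trust string cannot
// be decoded or NSS refuses the trust change.
bool TestRootCerts::Add(X509Certificate* certificate) {
  CERTCertificate* cert_handle = certificate->os_cert_handle();

  // Preserve the original trust bits so that they can be restored when
  // the certificate is removed.
  CERTCertTrust original_trust;
  SECStatus rv = CERT_GetCertTrust(cert_handle, &original_trust);
  if (rv != SECSuccess) {
    // CERT_GetCertTrust will fail if the certificate does not have any
    // particular trust settings associated with it, and attempts to use
    // |original_trust| later to restore the original trust settings will not
    // cause the trust settings to be revoked. If the certificate has no
    // particular trust settings associated with it, record "valid CA
    // certificate with no specific trust" as the state to restore.
    rv = CERT_DecodeTrustString(&original_trust, "c,c,c");
    if (rv != SECSuccess) {
      // Without a decodable fallback there is nothing safe to restore in
      // Clear(), so refuse to elevate trust at all.
      LOG(ERROR) << "Cannot decode default certificate trust string.";
      return false;
    }
  }

  // Change the trust bits to unconditionally trust this certificate.
  CERTCertTrust new_trust;
  rv = CERT_DecodeTrustString(&new_trust, "TCu,Cu,Tu");
  if (rv != SECSuccess) {
    LOG(ERROR) << "Cannot decode certificate trust string.";
    return false;
  }

  rv = CERT_ChangeCertTrust(CERT_GetDefaultCertDB(), cert_handle, &new_trust);
  if (rv != SECSuccess) {
    LOG(ERROR) << "Cannot change certificate trust.";
    return false;
  }

  // Only record the entry once the database change has actually happened, so
  // Clear() never "restores" a certificate that was never modified.
  trust_cache_.push_back(new TrustEntry(cert_handle, original_trust));
  return true;
}

// Restores every certificate added through Add() to its recorded original
// trust and releases the cached entries.
void TestRootCerts::Clear() {
  // Restore the certificate trusts to what they were originally, before
  // Add() was called. Work from the rear first, since if a certificate was
  // added twice, the second entry's original trust status will be that of
  // the first entry, while the first entry contains the desired resultant
  // status.
  for (std::list<TrustEntry*>::reverse_iterator it = trust_cache_.rbegin();
       it != trust_cache_.rend(); ++it) {
    CERTCertTrust original_trust = (*it)->trust();
    SECStatus rv = CERT_ChangeCertTrust(CERT_GetDefaultCertDB(),
                                        (*it)->certificate(),
                                        &original_trust);
    // DCHECK(), rather than LOG(), as a failure to restore the original
    // trust leaves a test root trusted process-wide and can cause flake or
    // hard-to-trace errors in any unit tests that run after Clear().
    DCHECK_EQ(SECSuccess, rv) << "Cannot restore certificate trust.";
  }
  STLDeleteElements(&trust_cache_);
}

// True when no certificate currently has its trust elevated by this object.
bool TestRootCerts::IsEmpty() const {
  return trust_cache_.empty();
}

// Destruction restores the original trust bits, so a TestRootCerts that goes
// out of scope never leaves a test root trusted behind it.
TestRootCerts::~TestRootCerts() {
  Clear();
}

void TestRootCerts::Init() {
  crypto::EnsureNSSInit();
}

}  // namespace net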