Home | History | Annotate | Download | only in cert 
      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef NET_CERT_NSS_CERT_DATABASE_H_
      6 #define NET_CERT_NSS_CERT_DATABASE_H_
      7 
      8 #include <string>
      9 #include <vector>
     10 
     11 #include "base/basictypes.h"
     12 #include "base/memory/ref_counted.h"
     13 #include "base/strings/string16.h"
     14 #include "net/base/net_export.h"
     15 #include "net/cert/cert_type.h"
     16 #include "net/cert/x509_certificate.h"
     17 
     18 template <typename T> struct DefaultSingletonTraits;
     19 template <class ObserverType> class ObserverListThreadSafe;
     20 
     21 namespace net {
     22 
     23 class CryptoModule;
     24 typedef std::vector<scoped_refptr<CryptoModule> > CryptoModuleList;
     25 
     26 // Provides functions to manipulate the NSS certificate stores.
     27 class NET_EXPORT NSSCertDatabase {
     28  public:
     29 
     30   class NET_EXPORT Observer {
     31    public:
     32     virtual ~Observer() {}
     33 
     34     // Will be called when a new certificate is added.
     35     // Called with |cert| == NULL after importing a list of certificates
     36     // in ImportFromPKCS12().
     37     virtual void OnCertAdded(const X509Certificate* cert) {}
     38 
     39     // Will be called when a certificate is removed.
     40     virtual void OnCertRemoved(const X509Certificate* cert) {}
     41 
     42     // Will be called when a certificate's trust is changed.
     43     // Called with |cert| == NULL after importing a list of certificates
     44     // in ImportCACerts().
     45     virtual void OnCertTrustChanged(const X509Certificate* cert) {}
     46 
     47    protected:
     48     Observer() {}
     49 
     50    private:
     51     DISALLOW_COPY_AND_ASSIGN(Observer);
     52   };
     53 
     54   // Stores per-certificate error codes for import failures.
     55   struct NET_EXPORT ImportCertFailure {
     56    public:
     57     ImportCertFailure(const scoped_refptr<X509Certificate>& cert, int err);
     58     ~ImportCertFailure();
     59 
     60     scoped_refptr<X509Certificate> certificate;
     61     int net_error;
     62   };
     63   typedef std::vector<ImportCertFailure> ImportCertFailureList;
     64 
     65   // Constants that define which usages a certificate is trusted for.
     66   // They are used in combination with CertType to specify trust for each type
     67   // of certificate.
     68   // For a CA_CERT, they specify that the CA is trusted for issuing server and
     69   // client certs of each type.
     70   // For SERVER_CERT, only TRUSTED_SSL makes sense, and specifies the cert is
     71   // trusted as a server.
     72   // For EMAIL_CERT, only TRUSTED_EMAIL makes sense, and specifies the cert is
     73   // trusted for email.
     74   // DISTRUSTED_* specifies that the cert should not be trusted for the given
     75   // usage, regardless of whether it would otherwise inherit trust from the
     76   // issuer chain.
     77   // Use TRUST_DEFAULT to inherit trust as normal.
     78   // NOTE: The actual constants are defined using an enum instead of static
     79   // consts due to compilation/linkage constraints with template functions.
     80   typedef uint32 TrustBits;
     81   enum {
     82     TRUST_DEFAULT         =      0,
     83     TRUSTED_SSL           = 1 << 0,
     84     TRUSTED_EMAIL         = 1 << 1,
     85     TRUSTED_OBJ_SIGN      = 1 << 2,
     86     DISTRUSTED_SSL        = 1 << 3,
     87     DISTRUSTED_EMAIL      = 1 << 4,
     88     DISTRUSTED_OBJ_SIGN   = 1 << 5,
     89   };
     90 
     91   static NSSCertDatabase* GetInstance();
     92 
     93   // Get a list of unique certificates in the certificate database (one
     94   // instance of all certificates).
     95   void ListCerts(CertificateList* certs);
     96 
     97   // Get the default module for public key data.
     98   // The returned pointer must be stored in a scoped_refptr<CryptoModule>.
     99   CryptoModule* GetPublicModule() const;
    100 
    101   // Get the default module for private key or mixed private/public key data.
    102   // The returned pointer must be stored in a scoped_refptr<CryptoModule>.
    103   CryptoModule* GetPrivateModule() const;
    104 
    105   // Get all modules.
    106   // If |need_rw| is true, only writable modules will be returned.
    107   void ListModules(CryptoModuleList* modules, bool need_rw) const;
    108 
    109   // Import certificates and private keys from PKCS #12 blob into the module.
    110   // If |is_extractable| is false, mark the private key as being unextractable
    111   // from the module.
    112   // Returns OK or a network error code such as ERR_PKCS12_IMPORT_BAD_PASSWORD
    113   // or ERR_PKCS12_IMPORT_ERROR. |imported_certs|, if non-NULL, returns a list
    114   // of certs that were imported.
    115   int ImportFromPKCS12(CryptoModule* module,
    116                        const std::string& data,
    117                        const base::string16& password,
    118                        bool is_extractable,
    119                        CertificateList* imported_certs);
    120 
    121   // Export the given certificates and private keys into a PKCS #12 blob,
    122   // storing into |output|.
    123   // Returns the number of certificates successfully exported.
    124   int ExportToPKCS12(const CertificateList& certs,
    125                      const base::string16& password,
    126                      std::string* output) const;
    127 
    128   // Uses similar logic to nsNSSCertificateDB::handleCACertDownload to find the
    129   // root.  Assumes the list is an ordered hierarchy with the root being either
    130   // the first or last element.
    131   // TODO(mattm): improve this to handle any order.
    132   X509Certificate* FindRootInList(const CertificateList& certificates) const;
    133 
    134   // Import CA certificates.
    135   // Tries to import all the certificates given.  The root will be trusted
    136   // according to |trust_bits|.  Any certificates that could not be imported
    137   // will be listed in |not_imported|.
    138   // Returns false if there is an internal error, otherwise true is returned and
    139   // |not_imported| should be checked for any certificates that were not
    140   // imported.
    141   bool ImportCACerts(const CertificateList& certificates,
    142                      TrustBits trust_bits,
    143                      ImportCertFailureList* not_imported);
    144 
    145   // Import server certificate.  The first cert should be the server cert.  Any
    146   // additional certs should be intermediate/CA certs and will be imported but
    147   // not given any trust.
    148   // Any certificates that could not be imported will be listed in
    149   // |not_imported|.
    150   // |trust_bits| can be set to explicitly trust or distrust the certificate, or
    151   // use TRUST_DEFAULT to inherit trust as normal.
    152   // Returns false if there is an internal error, otherwise true is returned and
    153   // |not_imported| should be checked for any certificates that were not
    154   // imported.
    155   bool ImportServerCert(const CertificateList& certificates,
    156                         TrustBits trust_bits,
    157                         ImportCertFailureList* not_imported);
    158 
    159   // Get trust bits for certificate.
    160   TrustBits GetCertTrust(const X509Certificate* cert, CertType type) const;
    161 
    162   // IsUntrusted returns true if |cert| is specifically untrusted. These
    163   // certificates are stored in the database for the specific purpose of
    164   // rejecting them.
    165   bool IsUntrusted(const X509Certificate* cert) const;
    166 
    167   // Set trust values for certificate.
    168   // Returns true on success or false on failure.
    169   bool SetCertTrust(const X509Certificate* cert,
    170                     CertType type,
    171                     TrustBits trust_bits);
    172 
    173   // Delete certificate and associated private key (if one exists).
    174   // |cert| is still valid when this function returns. Returns true on
    175   // success.
    176   bool DeleteCertAndKey(const X509Certificate* cert);
    177 
    178   // Check whether cert is stored in a readonly slot.
    179   bool IsReadOnly(const X509Certificate* cert) const;
    180 
    181   // Registers |observer| to receive notifications of certificate changes.  The
    182   // thread on which this is called is the thread on which |observer| will be
    183   // called back with notifications.
    184   void AddObserver(Observer* observer);
    185 
    186   // Unregisters |observer| from receiving notifications.  This must be called
    187   // on the same thread on which AddObserver() was called.
    188   void RemoveObserver(Observer* observer);
    189 
    190  private:
    191   friend struct DefaultSingletonTraits<NSSCertDatabase>;
    192 
    193   NSSCertDatabase();
    194   ~NSSCertDatabase();
    195 
    196   // Broadcasts notifications to all registered observers.
    197   void NotifyObserversOfCertAdded(const X509Certificate* cert);
    198   void NotifyObserversOfCertRemoved(const X509Certificate* cert);
    199   void NotifyObserversOfCertTrustChanged(const X509Certificate* cert);
    200 
    201   const scoped_refptr<ObserverListThreadSafe<Observer> > observer_list_;
    202 
    203   DISALLOW_COPY_AND_ASSIGN(NSSCertDatabase);
    204 };
    205 
    206 }  // namespace net
    207 
    208 #endif  // NET_CERT_NSS_CERT_DATABASE_H_
    209