1 // Copyright 2012 The Chromium Authors 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "net/cert/test_root_certs.h" 6 7 #include <Security/Security.h> 8 9 #include "build/build_config.h" 10 #include "net/cert/pki/cert_errors.h" 11 #include "net/cert/x509_certificate.h" 12 #include "net/cert/x509_util.h" 13 #include "net/cert/x509_util_apple.h" 14 15 namespace net { 16 AddImpl(X509Certificate * certificate)17bool TestRootCerts::AddImpl(X509Certificate* certificate) { 18 base::ScopedCFTypeRef<SecCertificateRef> os_cert( 19 x509_util::CreateSecCertificateFromX509Certificate(certificate)); 20 if (!os_cert) { 21 return false; 22 } 23 24 if (CFArrayContainsValue(temporary_roots_, 25 CFRangeMake(0, CFArrayGetCount(temporary_roots_)), 26 os_cert.get())) { 27 return true; 28 } 29 CFArrayAppendValue(temporary_roots_, os_cert.get()); 30 31 return true; 32 } 33 ClearImpl()34void TestRootCerts::ClearImpl() { 35 CFArrayRemoveAllValues(temporary_roots_); 36 } 37 FixupSecTrustRef(SecTrustRef trust_ref) const38OSStatus TestRootCerts::FixupSecTrustRef(SecTrustRef trust_ref) const { 39 if (IsEmpty()) { 40 return noErr; 41 } 42 43 OSStatus status = SecTrustSetAnchorCertificates(trust_ref, temporary_roots_); 44 if (status) { 45 return status; 46 } 47 // Trust system store in addition to trusting |temporary_roots_|. 48 return SecTrustSetAnchorCertificatesOnly(trust_ref, false); 49 } 50 51 TestRootCerts::~TestRootCerts() = default; 52 Init()53void TestRootCerts::Init() { 54 temporary_roots_.reset( 55 CFArrayCreateMutable(kCFAllocatorDefault, 0, &kCFTypeArrayCallBacks)); 56 } 57 58 } // namespace net 59