1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "net/base/test_root_certs.h"
6 
7 #include <cert.h>
8 
9 #include "base/logging.h"
10 #include "base/stl_util-inl.h"
11 #include "crypto/nss_util.h"
12 #include "net/base/x509_certificate.h"
13 
14 namespace net {
15 
// Records one certificate whose trust bits TestRootCerts has altered, together
// with the CERTCertTrust the certificate carried before the change, so that
// Clear() can put the original trust back.
class TestRootCerts::TrustEntry {
 public:
  // Takes an additional NSS reference on |certificate| (released in the
  // destructor) and stores a copy of |trust|.
  TrustEntry(CERTCertificate* certificate, CERTCertTrust trust);
  ~TrustEntry();

  // The certificate whose trust was changed. The entry owns one reference to
  // it for as long as the entry lives.
  CERTCertificate* certificate() const { return certificate_; }

  // The trust settings that were in effect before Add() modified the
  // certificate.
  CERTCertTrust trust() const { return trust_; }

 private:
  CERTCertificate* certificate_;
  CERTCertTrust trust_;

  DISALLOW_COPY_AND_ASSIGN(TrustEntry);
};
39 
// Keeps its own NSS reference to |certificate| for the lifetime of the entry
// (dropped in the destructor); |trust| is copied by value.
TestRootCerts::TrustEntry::TrustEntry(CERTCertificate* certificate,
                                      CERTCertTrust trust)
    : trust_(trust) {
  certificate_ = CERT_DupCertificate(certificate);
}
45 
// Releases the certificate reference taken in the constructor.
TestRootCerts::TrustEntry::~TrustEntry() {
  CERT_DestroyCertificate(certificate_);
  certificate_ = NULL;
}
49 
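// Marks |certificate| as an unconditionally trusted root in the process-wide
// default NSS certificate database and records the trust it had before, so
// that Clear() can undo the change. Test-only: while the entry is
// outstanding, every NSS verification in this process will accept chains
// ending in |certificate|, so Clear() (also run from the destructor) must
// always follow.
//
// Returns false, without recording anything, if the trust could not be read,
// decoded or changed.
bool TestRootCerts::Add(X509Certificate* certificate) {
  CERTCertificate* handle = certificate->os_cert_handle();

  // Preserve the original trust bits so that they can be restored when
  // the certificate is removed.
  CERTCertTrust original_trust;
  SECStatus rv = CERT_GetCertTrust(handle, &original_trust);
  if (rv != SECSuccess) {
    // CERT_GetCertTrust will fail if the certificate does not have any
    // particular trust settings associated with it, and attempts to use
    // |original_trust| later to restore the original trust settings will not
    // cause the trust settings to be revoked. If the certificate has no
    // particular trust settings associated with it, mark the certificate as
    // a valid CA certificate with no specific trust.
    rv = CERT_DecodeTrustString(&original_trust, "c,c,c");
    if (rv != SECSuccess) {
      // Previously unchecked. Without a known-good |original_trust|, Clear()
      // would later write indeterminate trust bits into the database, so
      // refuse to elevate the certificate at all.
      LOG(ERROR) << "Cannot decode default certificate trust string.";
      return false;
    }
  }

  // Change the trust bits to unconditionally trust this certificate.
  CERTCertTrust new_trust;
  rv = CERT_DecodeTrustString(&new_trust, "TCu,Cu,Tu");
  if (rv != SECSuccess) {
    LOG(ERROR) << "Cannot decode certificate trust string.";
    return false;
  }

  rv = CERT_ChangeCertTrust(CERT_GetDefaultCertDB(), handle, &new_trust);
  if (rv != SECSuccess) {
    LOG(ERROR) << "Cannot change certificate trust.";
    return false;
  }

  // Only record the entry once the database change has actually happened;
  // Clear() deletes the entries (see STLDeleteElements there).
  trust_cache_.push_back(new TrustEntry(handle, original_trust));
  return true;
}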
86 
// Undoes every trust change recorded by Add(), newest first, then discards
// the entries. Reverse order matters when the same certificate was added more
// than once: the later entry saved the already-elevated trust of the earlier
// one, while the earliest entry holds the trust in effect before any Add().
void TestRootCerts::Clear() {
  typedef std::list<TrustEntry*>::reverse_iterator ReverseIter;
  for (ReverseIter it = trust_cache_.rbegin(); it != trust_cache_.rend();
       ++it) {
    TrustEntry* entry = *it;
    CERTCertTrust saved_trust = entry->trust();
    SECStatus rv = CERT_ChangeCertTrust(CERT_GetDefaultCertDB(),
                                        entry->certificate(),
                                        &saved_trust);
    // A failed restore leaves a test-trusted root in the default NSS database
    // for the rest of the process, which shows up as flaky or hard-to-trace
    // failures in whatever tests run afterwards. Fail loudly in debug builds
    // rather than merely logging; note that DCHECK typically compiles out of
    // release builds, where such a failure goes unreported.
    DCHECK_EQ(SECSuccess, rv) << "Cannot restore certificate trust.";
  }
  // Deletes each TrustEntry (dropping its certificate reference) and empties
  // the list.
  STLDeleteElements(&trust_cache_);
}
106 
// True when no trust changes are outstanding, i.e. nothing has been added or
// Clear() has since run.
bool TestRootCerts::IsEmpty() const {
  return trust_cache_.begin() == trust_cache_.end();
}
110 
// Restores all recorded trust changes before the object goes away, so that a
// TestRootCerts cannot leave elevated roots behind in the default NSS
// database.
TestRootCerts::~TestRootCerts() {
  Clear();
}
114 
// NSS has to be initialized before any of the CERT_* calls in this file can
// touch the default certificate database.
void TestRootCerts::Init() {
  crypto::EnsureNSSInit();
}
118 
119 }  // namespace net