author | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-04-07 15:06:46 +0000 |
---|---|---|
committer | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-04-07 15:06:46 +0000 |
commit | 81502db60102ce82450113c755cba4987bd311ab (patch) | |
tree | d30fde473581469ea239230b1f821c6b2d9e4c78 /net/base/x509_certificate.h | |
parent | fbb1bffa8523f50389815d80038949ce7af6c0c6 (diff) | |
net: add ability to distinguish user-added root CAs.
We have several places where a need to distinguish `real' root CAs from
user-added root CAs will be useful:
1) Monoscope wants to inspect correctly signed, but unknown certificates, but
doesn't want to deal with proxy MITM certificates.
2) HSTS is likely to add a method for pinning to a certificate, but we don't
want to break every proxy MITM with it.
This change adds several lists of known, `real' roots. These lists present an
ongoing maintenance issue. However, in the event that the lists are incomplete
in the future, we fail open. This is because roots not in these lists are
treated as user-added and user-added roots have more authority than `real'
roots.
In some sense, this is a problem because it might be a security issue that new
roots are given too much authority. On the other hand, we're not breaking
things when we're behind on updating the lists so the maintenance issue isn't
too pressing.
BUG=none
TEST=none
Review URL: http://codereview.chromium.org/6793041
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@80778 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base/x509_certificate.h')
-rw-r--r-- | net/base/x509_certificate.h | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/net/base/x509_certificate.h b/net/base/x509_certificate.h index 52bb9f1..986f867 100644 --- a/net/base/x509_certificate.h +++ b/net/base/x509_certificate.h @@ -167,7 +167,7 @@ class X509Certificate : public base::RefCountedThreadSafe<X509Certificate> { // An example: // CN=Michael Wong,O=FooBar Corporation,DC=foobar,DC=com // - // SECURUITY WARNING + // SECURITY WARNING // // Using self-signed certificates has the following security risks: // 1. Encryption without authentication and thus vulnerable to @@ -344,6 +344,10 @@ class X509Certificate : public base::RefCountedThreadSafe<X509Certificate> { #if defined(OS_WIN) bool CheckEV(PCCERT_CHAIN_CONTEXT chain_context, const char* policy_oid) const; + static bool IsIssuedByKnownRoot(PCCERT_CHAIN_CONTEXT chain_context); +#endif +#if defined(OS_MACOSX) + static bool IsIssuedByKnownRoot(CFArrayRef chain); #endif bool VerifyEV() const; @@ -378,6 +382,12 @@ class X509Certificate : public base::RefCountedThreadSafe<X509Certificate> { // IsBlacklisted returns true if this certificate is explicitly blacklisted. bool IsBlacklisted() const; + // IsSHA1HashInSortedArray returns true iff |hash| is in |array|, a sorted + // array of SHA1 hashes. + static bool IsSHA1HashInSortedArray(const SHA1Fingerprint& hash, + const uint8* array, + size_t array_byte_len); + // The subject of the certificate. CertPrincipal subject_; |
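Review bot: In the @@ -344,6 +344,10 hunk, the two new IsIssuedByKnownRoot declarations have no comment, and their return value is what the fail-open behaviour in the commit message depends on: a false result means the chain is treated as ending in a user-added root, which the message says carries more authority than a known root. Please document that contract above the declarations, including what is returned for an empty or incomplete chain. The declarations exist only under OS_WIN and OS_MACOSX in this header, so it should also say how other platforms are expected to answer the question; otherwise each caller needs its own platform guard.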
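Review bot: In the @@ -378,6 +382,12 hunk, the comment on IsSHA1HashInSortedArray leaves the preconditions on |array| and |array_byte_len| unstated. It should say that |array_byte_len| is a byte count that must be a whole multiple of the SHA-1 hash length, and which ordering "sorted" means (presumably bytewise, as memcmp compares). The implementation is not visible in this header, but if the lookup is a binary search, as the sorted requirement suggests, a list that is out of order produces silent misses, and under the fail-open behaviour described in the commit message a miss classifies a known root as user-added. A DCHECK on the length, plus a unit test that walks each root list and asserts it is strictly ascending, would catch that when the lists are updated.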