#pragma once
#include <wtf/EnumTraits.h>
#include <wtf/RetainPtr.h>
#include <wtf/Vector.h>
#include <wtf/cf/TypeCastsCF.h>
#include <wtf/persistence/PersistentCoder.h>
#if PLATFORM(COCOA)
#include <Security/SecCertificate.h>
#include <Security/SecTrust.h>
#include <wtf/spi/cocoa/SecuritySPI.h>
WTF_DECLARE_CF_TYPE_TRAIT(SecCertificate);
#endif
namespace WebCore {
struct CertificateSummary;
class CertificateInfo {
public:
CertificateInfo() = default;
enum class Type {
None,
CertificateChain,
#if HAVE(SEC_TRUST_SERIALIZATION)
Trust,
#endif
};
#if HAVE(SEC_TRUST_SERIALIZATION)
explicit CertificateInfo(RetainPtr<SecTrustRef>&& trust)
: m_trust(WTFMove(trust))
{
}
SecTrustRef trust() const { return m_trust.get(); }
#endif
CertificateInfo(RetainPtr<CFArrayRef>&& certificateChain)
: m_certificateChain(WTFMove(certificateChain))
{
}
CertificateInfo isolatedCopy() const { return *this; }
WEBCORE_EXPORT CFArrayRef certificateChain() const;
WEBCORE_EXPORT Type type() const;
WEBCORE_EXPORT bool containsNonRootSHA1SignedCertificate() const;
Optional<CertificateSummary> summary() const;
bool isEmpty() const { return type() == Type::None; }
#if PLATFORM(COCOA)
static RetainPtr<CFArrayRef> certificateChainFromSecTrust(SecTrustRef);
#endif
#ifndef NDEBUG
#if PLATFORM(COCOA)
void dump() const;
#endif
#endif
private:
#if HAVE(SEC_TRUST_SERIALIZATION)
RetainPtr<SecTrustRef> m_trust;
#endif
mutable RetainPtr<CFArrayRef> m_certificateChain;
};
#if PLATFORM(COCOA)
WEBCORE_EXPORT bool certificatesMatch(SecTrustRef, SecTrustRef);
#endif
}
namespace WTF {
template<> struct EnumTraits<WebCore::CertificateInfo::Type> {
using values = EnumValues<
WebCore::CertificateInfo::Type,
WebCore::CertificateInfo::Type::None,
WebCore::CertificateInfo::Type::CertificateChain
#if HAVE(SEC_TRUST_SERIALIZATION)
, WebCore::CertificateInfo::Type::Trust
#endif
>;
};
namespace Persistence {
template<> struct Coder<WebCore::CertificateInfo> {
static WEBCORE_EXPORT void encode(Encoder&, const WebCore::CertificateInfo&);
static WEBCORE_EXPORT Optional<WebCore::CertificateInfo> decode(Decoder&);
};
}
}