Chromium Code Reviews Chromium Code Reviews
Issue 11458012:
SSLCertRequestInfo: Add |valid_cas| and |valid_key_types| (Closed)
Base URL: http://git.chromium.org/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_BASE_X509_CERTIFICATE_H_ | 5 #ifndef NET_BASE_X509_CERTIFICATE_H_ |
| 6 #define NET_BASE_X509_CERTIFICATE_H_ | 6 #define NET_BASE_X509_CERTIFICATE_H_ |
| 7 | 7 |
| 8 #include <string.h> | 8 #include <string.h> |
| 9 | 9 |
| 10 #include <string> | 10 #include <string> |
| (...skipping 27 matching lines...) Expand all Loading... | |
| 38 class PickleIterator; | 38 class PickleIterator; |
| 39 | 39 |
| 40 namespace crypto { | 40 namespace crypto { |
| 41 class RSAPrivateKey; | 41 class RSAPrivateKey; |
| 42 } // namespace crypto | 42 } // namespace crypto |
| 43 | 43 |
| 44 namespace net { | 44 namespace net { |
| 45 | 45 |
| 46 class CRLSet; | 46 class CRLSet; |
| 47 class CertVerifyResult; | 47 class CertVerifyResult; |
| 48 class SSLCertRequestInfo; | |
| 48 | 49 |
| 49 typedef std::vector<scoped_refptr<X509Certificate> > CertificateList; | 50 typedef std::vector<scoped_refptr<X509Certificate> > CertificateList; |
| 50 | 51 |
| 51 // X509Certificate represents a X.509 certificate, which is comprised a | 52 // X509Certificate represents a X.509 certificate, which is comprised a |
| 52 // particular identity or end-entity certificate, such as an SSL server | 53 // particular identity or end-entity certificate, such as an SSL server |
| 53 // identity or an SSL client certificate, and zero or more intermediate | 54 // identity or an SSL client certificate, and zero or more intermediate |
| 54 // certificates that may be used to build a path to a root certificate. | 55 // certificates that may be used to build a path to a root certificate. |
| 55 class NET_EXPORT X509Certificate | 56 class NET_EXPORT X509Certificate |
| 56 : public base::RefCountedThreadSafe<X509Certificate> { | 57 : public base::RefCountedThreadSafe<X509Certificate> { |
| 57 public: | 58 public: |
| (...skipping 239 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 297 CFArrayRef CreateClientCertificateChain() const; | 298 CFArrayRef CreateClientCertificateChain() const; |
| 298 | 299 |
| 299 // Returns a new CFArrayRef containing this certificate and its intermediate | 300 // Returns a new CFArrayRef containing this certificate and its intermediate |
| 300 // certificates in the form expected by Security.framework and Keychain | 301 // certificates in the form expected by Security.framework and Keychain |
| 301 // Services, or NULL on failure. | 302 // Services, or NULL on failure. |
| 302 // The first item in the array will be this certificate, followed by its | 303 // The first item in the array will be this certificate, followed by its |
| 303 // intermediates, if any. | 304 // intermediates, if any. |
| 304 CFArrayRef CreateOSCertChainForCert() const; | 305 CFArrayRef CreateOSCertChainForCert() const; |
| 305 #endif | 306 #endif |
| 306 | 307 |
| 308 // Does this certificate matches the SSL CertificateRequest parameters | |
|
wtc1
2012/12/15 00:56:18
Typo: matches => match
| |
| 309 // stored in |cert_info|. | |
| 310 bool IsValidClientCertificate(const SSLCertRequestInfo& cert_info); | |
|
wtc1
2012/12/15 00:56:18
"Valid" is ambiguous. How about "Acceptable"?
Alt
| |
| 311 | |
| 307 #if defined(OS_WIN) | 312 #if defined(OS_WIN) |
| 308 // Returns a new PCCERT_CONTEXT containing this certificate and its | 313 // Returns a new PCCERT_CONTEXT containing this certificate and its |
| 309 // intermediate certificates, or NULL on failure. The returned | 314 // intermediate certificates, or NULL on failure. The returned |
| 310 // PCCERT_CONTEXT *MUST NOT* be stored in an X509Certificate, as this will | 315 // PCCERT_CONTEXT *MUST NOT* be stored in an X509Certificate, as this will |
| 311 // cause os_cert_handle() to return incorrect results. This function is only | 316 // cause os_cert_handle() to return incorrect results. This function is only |
| 312 // necessary if the CERT_CONTEXT.hCertStore member will be accessed or | 317 // necessary if the CERT_CONTEXT.hCertStore member will be accessed or |
| 313 // enumerated, which is generally true for any CryptoAPI functions involving | 318 // enumerated, which is generally true for any CryptoAPI functions involving |
| 314 // certificate chains, including validation or certificate display. | 319 // certificate chains, including validation or certificate display. |
| 315 // | 320 // |
| 316 // Remarks: | 321 // Remarks: |
| (...skipping 194 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 511 // based on the type of the certificate. | 516 // based on the type of the certificate. |
| 512 std::string default_nickname_; | 517 std::string default_nickname_; |
| 513 #endif | 518 #endif |
| 514 | 519 |
| 515 DISALLOW_COPY_AND_ASSIGN(X509Certificate); | 520 DISALLOW_COPY_AND_ASSIGN(X509Certificate); |
| 516 }; | 521 }; |
| 517 | 522 |
| 518 } // namespace net | 523 } // namespace net |
| 519 | 524 |
| 520 #endif // NET_BASE_X509_CERTIFICATE_H_ | 525 #endif // NET_BASE_X509_CERTIFICATE_H_ |
| OLD | NEW |
