Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(414)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: ios/web/net/cert_verifier_block_adapter.h

Issue 1230033005: WKWebView: Added cert verification API to web controller. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Updated comment (s/used/user); Created 5 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « ios/web/ios_web_unittests.gyp ('k') | ios/web/net/cert_verifier_block_adapter.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: ios/web/net/cert_verifier_block_adapter.h
diff --git a/ios/web/net/cert_verifier_block_adapter.h b/ios/web/net/cert_verifier_block_adapter.h
index ee9829e68c4db76564129da3192602ef7b3d9b6c..2646f91797af87df60fef528f45a5e86cf8165e4 100644
--- a/ios/web/net/cert_verifier_block_adapter.h
+++ b/ios/web/net/cert_verifier_block_adapter.h
@@ -6,34 +6,42 @@
#define IOS_WEB_NET_CERT_VERIFIER_BLOCK_ADAPTER_H_
#include "base/memory/scoped_ptr.h"
+#include "base/memory/scoped_vector.h"
+#include "base/threading/thread_checker.h"
#include "net/cert/cert_verifier.h"
-#include "net/log/net_log.h"
+#include "net/cert/cert_verify_result.h"
namespace net {
-
-class CertVerifyResult;
class CRLSet;
+class NetLog;
class X509Certificate;
+} // namespace net
+
+namespace web {
-// Provides block-based interface for net::CertVerifier.
+// Provides block-based interface for |net::CertVerifier|. This class must be
+// created and used on the same thread where the |net::CertVerifier| was
+// created.
class CertVerifierBlockAdapter {
public:
- CertVerifierBlockAdapter();
- // Constructs adapter with given |CertVerifier| which can not be null.
- CertVerifierBlockAdapter(scoped_ptr<CertVerifier> cert_verifier);
+ // Constructs adapter with given |CertVerifier| and |NetLog|, both can not be
+ // null. CertVerifierBlockAdapter does NOT take ownership of |cert_verifier|
+ // and |net_log|.
+ CertVerifierBlockAdapter(net::CertVerifier* cert_verifier,
+ net::NetLog* net_log);
// When the verifier is destroyed, all certificate verification requests are
// canceled, and their completion handlers will not be called.
~CertVerifierBlockAdapter();
- // Encapsulates verification parms. |cert| and |hostname| are mandatory, the
+ // Encapsulates verification params. |cert| and |hostname| are mandatory, the
// other params are optional. If either of mandatory arguments is null or
// empty then verification |CompletionHandler| will be called with
- // ERR_INVALID_ARGUMENT status.
+ // ERR_INVALID_ARGUMENT |error|.
struct Params {
// Constructs Params from X509 cert and hostname, which are mandatory for
// verification.
- Params(scoped_refptr<net::X509Certificate> cert,
+ Params(const scoped_refptr<net::X509Certificate>& cert,
const std::string& hostname);
~Params();
@@ -46,31 +54,36 @@ class CertVerifierBlockAdapter {
// If non-empty, is a stapled OCSP response to use.
std::string ocsp_response;
- // Bitwise OR of CertVerifier::VerifyFlags.
- CertVerifier::VerifyFlags flags;
+ // Bitwise OR of |net::CertVerifier::VerifyFlags|.
+ int flags;
- // An optional CRLSet structure which can be used to avoid revocation checks
- // over the network.
- scoped_refptr<CRLSet> crl_set;
+ // An optional |net::CRLSet| structure which can be used to avoid revocation
+ // checks over the network.
+ scoped_refptr<net::CRLSet> crl_set;
};
- // Type of verification completion block. On success CertVerifyResult is not
- // null and status is OK, otherwise CertVerifyResult is null and status is a
- // net error code.
- typedef void (^CompletionHandler)(scoped_ptr<CertVerifyResult>, int status);
+ // Type of verification completion block. If cert is successfully validated
+ // |error| is OK, otherwise |error| is a net error code.
+ typedef void (^CompletionHandler)(net::CertVerifyResult result, int error);
// Verifies certificate with given |params|. |completion_handler| must not be
- // null and call be called either syncronously (in the same runloop) or
- // asyncronously.
+ // null and can be called either synchronously (in the same runloop) or
+ // asynchronously.
void Verify(const Params& params, CompletionHandler completion_handler);
private:
- // Underlying CertVerifier.
- scoped_ptr<CertVerifier> cert_verifier_;
- // Net Log required by CertVerifier.
- BoundNetLog net_log_;
+ // Pending verification requests. Request must be alive until verification is
+ // completed, otherwise verification operation will be cancelled.
+ ScopedVector<net::CertVerifier::Request> pending_requests_;
+ // Underlying unowned CertVerifier.
+ net::CertVerifier* cert_verifier_;
+ // Unowned NetLog required by CertVerifier.
+ net::NetLog* net_log_;
+ // CertVerifierBlockAdapter should be used on the same thread where it was
+ // created.
+ base::ThreadChecker thread_checker_;
};
-} // net
+} // namespace web
#endif // IOS_WEB_NET_CERT_VERIFIER_BLOCK_ADAPTER_H_
« no previous file with comments | « ios/web/ios_web_unittests.gyp ('k') | ios/web/net/cert_verifier_block_adapter.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698