
Side by Side Diff: net/base/ev_root_ca_metadata.h

Issue 10857020: Do not perform online revocation checking when the user has explicitly disabled it, except for when… (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Review feedback Created 8 years, 4 months ago
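--- a/net/base/ev_root_ca_metadata.h
+++ b/net/base/ev_root_ca_metadata.h
@@ -1,56 +1,50 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_BASE_EV_ROOT_CA_METADATA_H_
 #define NET_BASE_EV_ROOT_CA_METADATA_H_
 
 #include "build/build_config.h"
 
 #if defined(USE_NSS)
 #include <secoidt.h>
 #endif
 
 #include <map>
+#include <set>
 #include <vector>
 
 #include "net/base/net_export.h"
 #include "net/base/x509_certificate.h"
 
 namespace base {
 template <typename T>
 struct DefaultLazyInstanceTraits;
 } // namespace base
 
 namespace net {
 
 // A singleton. This class stores the meta data of the root CAs that issue
 // extended-validation (EV) certificates.
 class NET_EXPORT_PRIVATE EVRootCAMetadata {
 public:
 #if defined(USE_NSS)
 typedef SECOidTag PolicyOID;
 #elif defined(OS_WIN)
 typedef const char* PolicyOID;
 #endif
 
 static EVRootCAMetadata* GetInstance();
 
-#if defined(USE_NSS)
+#if defined(USE_NSS) || defined(OS_WIN)
-// If the root CA cert has an EV policy OID, returns true and appends the
-// policy OIDs to |*policy_oids|. Otherwise, returns false.
-bool GetPolicyOIDsForCA(const SHA1Fingerprint& fingerprint,
-std::vector<PolicyOID>* policy_oids) const;
-const PolicyOID* GetPolicyOIDs() const;
-int NumPolicyOIDs() const;
-#elif defined(OS_WIN)
 // Returns true if policy_oid is an EV policy OID of some root CA.
 bool IsEVPolicyOID(PolicyOID policy_oid) const;
 
 // Returns true if the root CA with the given certificate fingerprint has
 // the EV policy OID policy_oid.
 bool HasEVPolicyOID(const SHA1Fingerprint& fingerprint,
 PolicyOID policy_oid) const;
 #endif
 
 // AddEVCA adds an EV CA to the list of known EV CAs with the given policy.
@@ -70,25 +64,25 @@
 
 #if defined(USE_NSS)
 typedef std::map<SHA1Fingerprint, std::vector<PolicyOID>,
 SHA1FingerprintLessThan> PolicyOIDMap;
 
 // RegisterOID registers |policy|, a policy OID in dotted string form, and
 // writes the memoized form to |*out|. It returns true on success.
 static bool RegisterOID(const char* policy, PolicyOID* out);
 
 PolicyOIDMap ev_policy_;
-std::vector<PolicyOID> policy_oids_;
+std::set<PolicyOID> policy_oids_;
 #elif defined(OS_WIN)
 typedef std::map<SHA1Fingerprint, std::string,
 SHA1FingerprintLessThan> ExtraEVCAMap;
 
 // extra_cas_ contains any EV CA metadata that was added at runtime.
 ExtraEVCAMap extra_cas_;
 #endif
 
 DISALLOW_COPY_AND_ASSIGN(EVRootCAMetadata);
 };
 
 } // namespace net
 
 #endif // NET_BASE_EV_ROOT_CA_METADATA_H_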
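Review bot: The new `std::set<PolicyOID> policy_oids_` member (new line 74) has no comment, and nothing visible states how it relates to `ev_policy_`. Now that `IsEVPolicyOID` is declared for NSS as well, it presumably answers from this set, so the set would have to stay the union of the OIDs held in `ev_policy_` whenever entries are added or removed at runtime. The mutators sit in the skipped new lines 51-63, so this cannot be confirmed from here. I would add `// policy_oids_ is the union of all policy OIDs in ev_policy_; keep the two in sync.` above the member. The comment on `HasEVPolicyOID` should also say that an unknown fingerprint yields false, since a true result presumably feeds the EV decision and the lookup needs to fail closed.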
