Index: net/base/x509_certificate.h |
=================================================================== |
--- net/base/x509_certificate.h (revision 2361) |
+++ net/base/x509_certificate.h (working copy) |
@@ -15,6 +15,8 @@ |
#if defined(OS_WIN) |
#include <windows.h> |
#include <wincrypt.h> |
+#elif defined(OS_MACOSX) |
+#include <Security/Security.h> |
#endif |
class Pickle; |
@@ -44,6 +46,8 @@ |
#if defined(OS_WIN) |
typedef PCCERT_CONTEXT OSCertHandle; |
+#elif defined(OS_MACOSX) |
+ typedef SecCertificateRef OSCertHandle; |
#else |
// TODO(ericroman): not implemented |
typedef void* OSCertHandle; |
@@ -102,12 +106,14 @@ |
}; |
// Create an X509Certificate from a handle to the certificate object |
- // in the underlying crypto library. |
+ // in the underlying crypto library. This is a transfer of ownership; |
+ // X509Certificate will properly dispose of |cert_handle| for you. |
static X509Certificate* CreateFromHandle(OSCertHandle cert_handle); |
// Create an X509Certificate from the representation stored in the given |
// pickle. The data for this object is found relative to the given |
// pickle_iter, which should be passed to the pickle's various Read* methods. |
+ // Returns NULL on failure. |
static X509Certificate* CreateFromPickle(const Pickle& pickle, |
void** pickle_iter); |
@@ -127,6 +133,7 @@ |
// The issuer of the certificate. |
const Principal& issuer() const { return issuer_; } |
+#if defined(OS_WIN) |
Amanda Walker
2008/09/18 16:14:43
Since you wrote code to extract individual fields
wtc
2008/09/18 20:37:55
I believe the valid_start() and valid_expiry() met
Avi (use Gerrit)
2008/09/18 20:48:17
No, they are not. valid_start() isn't used anywher
|
// Time period during which the certificate is valid. More precisely, this |
// certificate is invalid before the |valid_start| date and invalid after |
// the |valid_expiry| date. |
@@ -134,6 +141,7 @@ |
// lacks either date), the date will be null (i.e., is_null() will be true). |
const Time& valid_start() const { return valid_start_; } |
const Time& valid_expiry() const { return valid_expiry_; } |
+#endif |
// The fingerprint of this certificate. |
const Fingerprint& fingerprint() const { return fingerprint_; } |
@@ -144,9 +152,11 @@ |
// Otherwise, it gets the common name in the subject field. |
void GetDNSNames(std::vector<std::string>* dns_names) const; |
+#if defined(OS_WIN) |
Amanda Walker
2008/09/18 16:14:43
Same comment as above: we should either implement
|
// Convenience method that returns whether this certificate has expired as of |
// now. |
bool HasExpired() const; |
+#endif |
// Returns true if the certificate is an extended-validation (EV) |
// certificate. |
@@ -168,10 +178,12 @@ |
// Common object initialization code. Called by the constructors only. |
void Initialize(); |
+#if defined(OS_WIN) |
// Helper function to parse a principal from a WinInet description of that |
// principal. |
static void ParsePrincipal(const std::string& description, |
Principal* principal); |
+#endif |
Amanda Walker
2008/09/18 16:14:43
Add a declaration for the Mac version, mostly to k
|
// The subject of the certificate. |
Principal subject_; |
@@ -179,11 +191,13 @@ |
// The issuer of the certificate. |
Principal issuer_; |
+#if defined(OS_WIN) |
// This certificate is not valid before |valid_start_| |
Time valid_start_; |
// This certificate is not valid after |valid_expiry_| |
Time valid_expiry_; |
+#endif |
// The fingerprint of this certificate. |
Fingerprint fingerprint_; |
@@ -191,7 +205,7 @@ |
// A handle to the certificate object in the underlying crypto library. |
OSCertHandle cert_handle_; |
- DISALLOW_EVIL_CONSTRUCTORS(X509Certificate); |
+ DISALLOW_COPY_AND_ASSIGN(X509Certificate); |
}; |
} // namespace net |