OLD | NEW |
---|---|
(Empty) | |
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #ifndef NET_BASE_TEMPORARY_ROOT_CERTS_H_ | |
6 #define NET_BASE_TEMPORARY_ROOT_CERTS_H_ | |
7 #pragma once | |
8 | |
9 #include "base/singleton.h" | |
wtc
2010/11/16 23:24:01
Nit: list "base/singleton.h" after all the other h
| |
10 #include "build/build_config.h" | |
11 | |
12 #if defined(OS_MACOSX) | |
13 #include <CoreFoundation/CoreFoundation.h> | |
14 #include "base/mac/scoped_cftyperef.h" | |
15 #elif defined(OS_WIN) | |
16 #include <wincrypt.h> | |
17 #elif defined(USE_NSS) | |
18 #include <map> | |
19 #include <string> | |
20 #include "net/base/x509_cert_types.h" | |
21 #endif | |
22 | |
23 class FilePath; | |
24 | |
25 namespace net { | |
26 | |
27 class X509Certificate; | |
28 | |
29 class TemporaryRootCerts { | |
bulach
2010/11/09 16:21:09
this is only ever going to be used for tests, righ
wtc
2010/11/16 23:24:01
I agree with bulach's suggestion of naming this cl
| |
30 public: | |
31 // Obtain the Singleton instance to the trusted certificates. | |
wtc
2010/11/16 23:24:01
When documenting methods in a header file, please
| |
32 static TemporaryRootCerts* GetInstance(); | |
33 | |
34 // Mark |certificate| as trusted for X509Certificate::Verify(). Returns | |
35 // false if the certificate could not be marked trusted. | |
36 bool Add(X509Certificate* certificate); | |
37 | |
38 // Mark all the certificates in |file| as trusted. Returns false if the | |
39 // file could not be read or the certificates could not be marked trusted. | |
40 bool AddFromFile(const FilePath& file); | |
wtc
2010/11/16 23:24:01
I commented on this issue before: it is better to
| |
41 | |
42 // Clear the trusted status from |certificate|, reverting it to its original | |
43 // trust state prior to Add(). If |certificate| was already trusted, this | |
44 // does nothing. | |
45 void Remove(X509Certificate* certificate); | |
wtc
2010/11/16 23:24:01
Perhaps all we need is a Clear/RemoveAll method th
| |
46 | |
47 // Clear the trusted status from all the certificates in |file|. | |
48 void RemoveFromFile(const FilePath& file); | |
49 | |
50 #if defined(OS_MACOSX) | |
51 bool IsEmpty() const; | |
wtc
2010/11/16 23:24:01
It is strange that IsEmpty() is defined for only s
| |
52 | |
53 CFArrayRef temporary_roots() const { return temporary_roots_; } | |
54 #elif defined(OS_WIN) | |
55 bool IsEmpty() const { return cert_count_ == 0; } | |
56 | |
57 HCERTSTORE temporary_roots() const { return temporary_roots_; } | |
58 #endif | |
59 | |
60 private: | |
61 friend struct DefaultSingletonTraits<TemporaryRootCerts>; | |
62 | |
63 TemporaryRootCerts(); | |
64 ~TemporaryRootCerts(); | |
65 | |
66 #if defined(OS_MACOSX) | |
67 base::mac::ScopedCFTypeRef<CFMutableArrayRef> temporary_roots_; | |
68 #elif defined(OS_WIN) | |
69 HCERTSTORE temporary_roots_; | |
70 | |
71 // The number of certificates added to |temporary_roots_|. | |
72 size_t cert_count_; | |
73 #elif defined(USE_NSS) | |
74 class TrustEntry; | |
75 typedef std::map<SHA1Fingerprint, TrustEntry, | |
76 SHA1FingerprintLessThan> CertTrustMap; | |
77 CertTrustMap cert_trust_map_; | |
wtc
2010/11/16 23:24:01
You should document what you store in cert_trust_m
| |
78 #endif | |
79 | |
80 DISALLOW_COPY_AND_ASSIGN(TemporaryRootCerts); | |
81 }; | |
82 | |
83 } // namespace net | |
84 | |
85 #endif // NET_BASE_TEMPORARY_ROOT_CERTS_H_ | |
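Review bot: Nothing in this header states which threads may call Add()/Remove() or read temporary_roots(), and the private section declares no lock alongside temporary_roots_, cert_count_ or cert_trust_map_. This is a process-wide singleton whose contents change what X509Certificate::Verify() treats as trusted, so a mutation that overlaps a verification could presumably race on the container or leave a root trusted for an unrelated verification. The implementation file is not shown here, so any synchronization done there cannot be confirmed. I would state the contract above the class, e.g. `// Not thread-safe: Add()/Remove() must not run concurrently with X509Certificate::Verify().`, or add a lock member and document it if concurrent use is intended. The comment on Remove() should also say what happens when the same certificate was passed to Add() more than once.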