Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1304)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/x509_certificate.h

Issue 651090: Mac client-side SSL cert improvements. (Closed)
Patch Set: Created 10 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« chrome/browser/ssl/ssl_client_auth_handler_mac.mm ('K') | « chrome/browser/ssl/ssl_client_auth_handler_mac.mm ('k') | net/base/x509_certificate_mac.cc » ('j') | net/base/x509_certificate_mac.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_BASE_X509_CERTIFICATE_H_ 5 #ifndef NET_BASE_X509_CERTIFICATE_H_
6 #define NET_BASE_X509_CERTIFICATE_H_ 6 #define NET_BASE_X509_CERTIFICATE_H_
7 7
8 #include <string.h> 8 #include <string.h>
9 9
10 #include <map> 10 #include <map>
(...skipping 207 matching lines...) Expand 10 before | Expand all | Expand 10 after
218 218
219 // Returns intermediate certificates added via AddIntermediateCertificate(). 219 // Returns intermediate certificates added via AddIntermediateCertificate().
220 // Ownership follows the "get" rule: it is the caller's responsibility to 220 // Ownership follows the "get" rule: it is the caller's responsibility to
221 // retain the elements of the result. 221 // retain the elements of the result.
222 const std::vector<OSCertHandle>& GetIntermediateCertificates() const { 222 const std::vector<OSCertHandle>& GetIntermediateCertificates() const {
223 return intermediate_ca_certs_; 223 return intermediate_ca_certs_;
224 } 224 }
225 #endif 225 #endif
226 226
227 #if defined(OS_MACOSX) 227 #if defined(OS_MACOSX)
228 // Does this certificate's usage allow SSL client authentication?
229 bool SupportsSSLClientAuth() const;
230
228 // Creates a security policy for SSL client certificates. 231 // Creates a security policy for SSL client certificates.
229 static OSStatus CreateSSLClientPolicy(SecPolicyRef* outPolicy); 232 static OSStatus CreateSSLClientPolicy(SecPolicyRef* outPolicy);
230 233
231 // Adds all available SSL client identity certs to the given vector. 234 // Adds all available SSL client identity certs to the given vector.
235 // |domain| is a hint for which domain the cert is to be used for.
232 static bool GetSSLClientCertificates( 236 static bool GetSSLClientCertificates(
237 std::string domain,
wtc 2010/02/24 01:44:51 Nit: this input parameter should be const std::str
233 std::vector<scoped_refptr<X509Certificate> >* certs); 238 std::vector<scoped_refptr<X509Certificate> >* certs);
234 239
235 // Creates the chain of certs to use for this client identity cert. 240 // Creates the chain of certs to use for this client identity cert.
236 CFArrayRef CreateClientCertificateChain(); 241 CFArrayRef CreateClientCertificateChain() const;
237 #endif 242 #endif
238 243
239 // Verifies the certificate against the given hostname. Returns OK if 244 // Verifies the certificate against the given hostname. Returns OK if
240 // successful or an error code upon failure. 245 // successful or an error code upon failure.
241 // 246 //
242 // The |*verify_result| structure, including the |verify_result->cert_status| 247 // The |*verify_result| structure, including the |verify_result->cert_status|
243 // bitmask, is always filled out regardless of the return value. If the 248 // bitmask, is always filled out regardless of the return value. If the
244 // certificate has multiple errors, the corresponding status flags are set in 249 // certificate has multiple errors, the corresponding status flags are set in
245 // |verify_result->cert_status|, and the error code for the most serious 250 // |verify_result->cert_status|, and the error code for the most serious
246 // error is returned. 251 // error is returned.
(...skipping 87 matching lines...) Expand 10 before | Expand all | Expand 10 after
334 339
335 // Where the certificate comes from. 340 // Where the certificate comes from.
336 Source source_; 341 Source source_;
337 342
338 DISALLOW_COPY_AND_ASSIGN(X509Certificate); 343 DISALLOW_COPY_AND_ASSIGN(X509Certificate);
339 }; 344 };
340 345
341 } // namespace net 346 } // namespace net
342 347
343 #endif // NET_BASE_X509_CERTIFICATE_H_ 348 #endif // NET_BASE_X509_CERTIFICATE_H_
OLDNEW
« chrome/browser/ssl/ssl_client_auth_handler_mac.mm ('K') | « chrome/browser/ssl/ssl_client_auth_handler_mac.mm ('k') | net/base/x509_certificate_mac.cc » ('j') | net/base/x509_certificate_mac.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698