Index: net/base/x509_certificate.h |
=================================================================== |
--- net/base/x509_certificate.h (revision 80114) |
+++ net/base/x509_certificate.h (working copy) |
@@ -323,6 +323,18 @@ |
// Frees (or releases a reference to) an OS certificate handle. |
static void FreeOSCertHandle(OSCertHandle cert_handle); |
+ // Gets the complete cert chain (including root and intermediaries). |
+ // The returned chain must be freed with DestroyCertChain. |
+ static void GetCertChainFromCert(OSCertHandle cert_handle, |
+ OSCertHandles* cert_handles); |
+ |
+ // Frees a cert chain. |
+ static void DestroyCertChain(OSCertHandles* cert_handles); |
abarth-chromium
2011/04/04 22:49:36
We should probably have a stack-allocated, scoped
|
+ |
+ // Calculates the SHA-1 fingerprint of the certificate. Returns an empty |
+ // (all zero) fingerprint on failure. |
+ static SHA1Fingerprint CalculateFingerprint(OSCertHandle cert_handle); |
+ |
private: |
friend class base::RefCountedThreadSafe<X509Certificate>; |
friend class TestRootCerts; // For unit tests |
@@ -353,10 +365,6 @@ |
static void ResetCertStore(); |
#endif |
- // Calculates the SHA-1 fingerprint of the certificate. Returns an empty |
- // (all zero) fingerprint on failure. |
- static SHA1Fingerprint CalculateFingerprint(OSCertHandle cert_handle); |
- |
// Verifies that |hostname| matches one of the names in |cert_names|, based on |
// TLS name matching rules, specifically following http://tools.ietf.org/html/draft-saintandre-tls-server-id-check-09#section-4.4.3 |
// The members of |cert_names| must have been extracted from the Subject CN or |