Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(190)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/x509_certificate.h

Issue 8296014: Use NSS to generate Origin-Bound Certs on Win and Mac. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: review changes Created 9 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« net/base/net_error_list.h ('K') | « net/base/origin_bound_cert_service.cc ('k') | net/base/x509_certificate_mac.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_BASE_X509_CERTIFICATE_H_ 5 #ifndef NET_BASE_X509_CERTIFICATE_H_
6 #define NET_BASE_X509_CERTIFICATE_H_ 6 #define NET_BASE_X509_CERTIFICATE_H_
7 #pragma once 7 #pragma once
8 8
9 #include <string.h> 9 #include <string.h>
10 10
(...skipping 169 matching lines...) Expand 10 before | Expand all | Expand 10 after
180 // 1. Encryption without authentication and thus vulnerable to 180 // 1. Encryption without authentication and thus vulnerable to
181 // man-in-the-middle attacks. 181 // man-in-the-middle attacks.
182 // 2. Self-signed certificates cannot be revoked. 182 // 2. Self-signed certificates cannot be revoked.
183 // 183 //
184 // Use this certificate only after the above risks are acknowledged. 184 // Use this certificate only after the above risks are acknowledged.
185 static X509Certificate* CreateSelfSigned(crypto::RSAPrivateKey* key, 185 static X509Certificate* CreateSelfSigned(crypto::RSAPrivateKey* key,
186 const std::string& subject, 186 const std::string& subject,
187 uint32 serial_number, 187 uint32 serial_number,
188 base::TimeDelta valid_duration); 188 base::TimeDelta valid_duration);
189 189
190 // Create an origin bound certificate containing the public key in |key|.
191 // Web origin, serial number and validity period are given as
192 // parameters. The certificate is signed by the private key in |key|.
193 // The hashing algorithm for the signature is SHA-1.
194 //
195 // See Internet Draft draft-balfanz-tls-obc-00 for more details:
196 // http://balfanz.github.com/tls-obc-spec/draft-balfanz-tls-obc-00.html
197 static X509Certificate* CreateOriginBound(crypto::RSAPrivateKey* key,
198 const std::string& origin,
199 uint32 serial_number,
200 base::TimeDelta valid_duration);
201
202 // Appends a representation of this object to the given pickle. 190 // Appends a representation of this object to the given pickle.
203 void Persist(Pickle* pickle); 191 void Persist(Pickle* pickle);
204 192
205 // The subject of the certificate. For HTTPS server certificates, this 193 // The subject of the certificate. For HTTPS server certificates, this
206 // represents the web server. The common name of the subject should match 194 // represents the web server. The common name of the subject should match
207 // the host name of the web server. 195 // the host name of the web server.
208 const CertPrincipal& subject() const { return subject_; } 196 const CertPrincipal& subject() const { return subject_; }
209 197
210 // The issuer of the certificate. 198 // The issuer of the certificate.
211 const CertPrincipal& issuer() const { return issuer_; } 199 const CertPrincipal& issuer() const { return issuer_; }
(...skipping 281 matching lines...) Expand 10 before | Expand all | Expand 10 after
493 // (Marked mutable because it's used in a const method.) 481 // (Marked mutable because it's used in a const method.)
494 mutable base::Lock verification_lock_; 482 mutable base::Lock verification_lock_;
495 #endif 483 #endif
496 484
497 DISALLOW_COPY_AND_ASSIGN(X509Certificate); 485 DISALLOW_COPY_AND_ASSIGN(X509Certificate);
498 }; 486 };
499 487
500 } // namespace net 488 } // namespace net
501 489
502 #endif // NET_BASE_X509_CERTIFICATE_H_ 490 #endif // NET_BASE_X509_CERTIFICATE_H_
OLDNEW
« net/base/net_error_list.h ('K') | « net/base/origin_bound_cert_service.cc ('k') | net/base/x509_certificate_mac.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698