| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_BASE_CRL_SET_H_ | 5 #ifndef NET_BASE_CRL_SET_H_ |
| 6 #define NET_BASE_CRL_SET_H_ | 6 #define NET_BASE_CRL_SET_H_ |
| 7 #pragma once | 7 #pragma once |
| 8 | 8 |
| 9 #include <map> | 9 #include <map> |
| 10 #include <string> | 10 #include <string> |
| 11 #include <utility> | 11 #include <utility> |
| 12 #include <vector> | 12 #include <vector> |
| 13 | 13 |
| 14 #include "base/memory/ref_counted.h" | 14 #include "base/memory/ref_counted.h" |
| 15 #include "base/memory/scoped_ptr.h" | 15 #include "base/memory/scoped_ptr.h" |
| 16 #include "base/string_piece.h" | 16 #include "base/string_piece.h" |
| 17 #include "base/time.h" | 17 #include "base/time.h" |
| 18 #include "net/base/net_export.h" | 18 #include "net/base/net_export.h" |
| 19 | 19 |
| 20 namespace net { | 20 namespace net { |
| 21 | 21 |
| 22 // A CRLSet is a structure that lists the serial numbers of revoked | 22 // A CRLSet is a structure that lists the serial numbers of revoked |
| 23 // certificates from a number of issuers where issuers are identified by the | 23 // certificates from a number of issuers where issuers are identified by the |
| 24 // SHA256 of their SubjectPublicKeyInfo. | 24 // SHA256 of their SubjectPublicKeyInfo. |
| 25 class NET_EXPORT CRLSet : public base::RefCountedThreadSafe<CRLSet> { | 25 class NET_EXPORT CRLSet : public base::RefCountedThreadSafe<CRLSet> { |
| 26 public: | 26 public: |
| 27 enum Result { | 27 enum Result { |
| 28 REVOKED, // the certificate should be rejected. | 28 REVOKED, // the certificate should be rejected. |
| 29 UNKNOWN, // there was an error in processing. | 29 UNKNOWN, // the CRL for the certificate is not included in the set. |
| 30 GOOD, // the certificate is not listed. | 30 GOOD, // the certificate is not listed. |
| 31 }; | 31 }; |
| 32 | 32 |
| 33 ~CRLSet(); | 33 ~CRLSet(); |
| 34 | 34 |
| 35 // Parse parses the bytes in |data| and, on success, puts a new CRLSet in | 35 // Parse parses the bytes in |data| and, on success, puts a new CRLSet in |
| 36 // |out_crl_set| and returns true. | 36 // |out_crl_set| and returns true. |
| 37 static bool Parse(base::StringPiece data, | 37 static bool Parse(base::StringPiece data, |
| 38 scoped_refptr<CRLSet>* out_crl_set); | 38 scoped_refptr<CRLSet>* out_crl_set); |
| 39 | 39 |
| (...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 89 // crls_index_by_issuer_ maps from issuer SPKI hashes to the index in |crls_| | 89 // crls_index_by_issuer_ maps from issuer SPKI hashes to the index in |crls_| |
| 90 // where the information for that issuer can be found. We have both |crls_| | 90 // where the information for that issuer can be found. We have both |crls_| |
| 91 // and |crls_index_by_issuer_| because, when applying a delta update, we need | 91 // and |crls_index_by_issuer_| because, when applying a delta update, we need |
| 92 // to identify a CRL by index. | 92 // to identify a CRL by index. |
| 93 std::map<std::string, size_t> crls_index_by_issuer_; | 93 std::map<std::string, size_t> crls_index_by_issuer_; |
| 94 }; | 94 }; |
| 95 | 95 |
| 96 } // namespace net | 96 } // namespace net |
| 97 | 97 |
| 98 #endif // NET_BASE_CRL_SET_H_ | 98 #endif // NET_BASE_CRL_SET_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 8342054:
net: enable CRL sets behind a command line flag. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src