net/base/origin_bound_cert_store.h - Issue 8890073: Handle Origin Bound Certificate expiration.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/base/origin_bound_cert_store.h

Issue 8890073: Handle Origin Bound Certificate expiration. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: review changes Created 9 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/base/origin_bound_cert_store.h

diff --git a/net/base/origin_bound_cert_store.h b/net/base/origin_bound_cert_store.h

index 094839b1e8f52bac105d8b65698e996b4c350220..1eb8382efa1c4ee63fcb54705961510202fb3d9f 100644

--- a/net/base/origin_bound_cert_store.h

+++ b/net/base/origin_bound_cert_store.h

@@ -9,6 +9,7 @@

#include <string>

#include <vector>

+#include "base/time.h"

#include "net/base/net_export.h"

#include "net/base/ssl_client_cert_type.h"

@@ -30,6 +31,7 @@ class NET_EXPORT OriginBoundCertStore {

OriginBoundCert();

OriginBoundCert(const std::string& origin,

SSLClientCertType type,

+ base::Time expiration_time,

const std::string& private_key,

const std::string& cert);

~OriginBoundCert();

@@ -38,6 +40,8 @@ class NET_EXPORT OriginBoundCertStore {

const std::string& origin() const { return origin_; }

// TLS ClientCertificateType.

SSLClientCertType type() const { return type_; }

+ // The time after which this certificate is no longer valid.

+ base::Time expiration_time() const { return expiration_time_; }

// The encoding of the private key depends on the type.

// rsa_sign: DER-encoded PrivateKeyInfo struct.

// ecdsa_sign: DER-encoded EncryptedPrivateKeyInfo struct.

@@ -48,6 +52,7 @@ class NET_EXPORT OriginBoundCertStore {

private:

std::string origin_;

SSLClientCertType type_;

+ base::Time expiration_time_;

std::string private_key_;

std::string cert_;

};

@@ -57,12 +62,14 @@ class NET_EXPORT OriginBoundCertStore {

// TODO(rkn): File I/O may be required, so this should have an asynchronous

// interface.

// Returns true on success. |private_key_result| stores a DER-encoded

- // PrivateKeyInfo struct and |cert_result| stores a DER-encoded

- // certificate. Returns false if no origin bound cert exists for the

- // specified origin.

+ // PrivateKeyInfo struct, |cert_result| stores a DER-encoded certificate,

+ // |type| is the ClientCertificateType of the returned certificate, and

+ // |expiration_time| is the expiration time of the certificate.

+ // Returns false if no origin bound cert exists for the specified origin.

virtual bool GetOriginBoundCert(

const std::string& origin,

SSLClientCertType* type,

+ base::Time* expiration_time,

std::string* private_key_result,

std::string* cert_result) = 0;

@@ -70,6 +77,7 @@ class NET_EXPORT OriginBoundCertStore {

virtual void SetOriginBoundCert(

const std::string& origin,

SSLClientCertType type,

+ base::Time expiration_time,

const std::string& private_key,

const std::string& cert) = 0;

« no previous file with comments | « net/base/origin_bound_cert_service_unittest.cc ('k') | net/base/origin_bound_cert_store.cc » ('j') | no next file with comments »