net/socket/dns_cert_provenance_checker.h - Issue 8944001: net: remove DNS certificate checking code.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: net/socket/dns_cert_provenance_checker.h

Issue 8944001: net: remove DNS certificate checking code. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 9 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
	(Empty)
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.

4

5 #ifndef NET_SOCKET_DNS_CERT_PROVENANCE_CHECKER_H

6 #define NET_SOCKET_DNS_CERT_PROVENANCE_CHECKER_H

7

8 #include <string>

9 #include <vector>

10

11 #include "base/string_piece.h"

12 #include "net/base/net_export.h"

13

14 namespace net {

15

16 class DnsRRResolver;

17

18 // DnsCertProvenanceChecker is an interface for asynchronously checking HTTPS

19 // certificates via a DNS side-channel.

20 class NET_EXPORT DnsCertProvenanceChecker {

21 public:

22 class NET_EXPORT Delegate {

23 public:

24 virtual ~Delegate();

25

26 virtual void OnDnsCertLookupFailed(

27 const std::string& hostname,

28 const std::vector<std::string>& der_certs) = 0;

29 };

30

31 virtual ~DnsCertProvenanceChecker();

32

33 virtual void Shutdown() = 0;

34

35 // DoAsyncVerification starts an asynchronous check for the given certificate

36 // chain. It must be run on the network thread.

37 virtual void DoAsyncVerification(

38 const std::string& hostname,

39 const std::vector<base::StringPiece>& der_certs) = 0;

40

41

42 protected:

43 // DoAsyncLookup performs a DNS lookup for the given name and certificate

44 // chain. In the event that the lookup reports a failure, the Delegate is

45 // called back.

46 static void DoAsyncLookup(

47 const std::string& hostname,

48 const std::vector<base::StringPiece>& der_certs,

49 DnsRRResolver* dnsrr_resolver,

50 Delegate* delegate);

51

52 // BuildEncryptedRecord encrypts the certificate chain to a fixed public key

53 // and returns the encrypted blob. Since this code is reporting a possible

54 // HTTPS failure, it would seem silly to use HTTPS to protect the uploaded

55 // report.

56 static std::string BuildEncryptedReport(

57 const std::string& hostname,

58 const std::vector<std::string>& der_certs);

59 };

60

61 } // namespace net

62

63 #endif // NET_SOCKET_DNS_CERT_PROVENANCE_CHECK_H

OLD	NEW

« no previous file with comments | « net/socket/client_socket_pool_manager_impl.cc ('k') | net/socket/dns_cert_provenance_checker.cc » ('j') | no next file with comments »