Certificate Transparency: Fetching of Signed Tree Heads (DRAFT)

net/cert/ct_log_verifier.h

Index: net/cert/ct_log_verifier.h
diff --git a/net/cert/ct_log_verifier.h b/net/cert/ct_log_verifier.h
index cf2484cdaefb3439235713dc7657da55b185196a..97845aabe4fab707a243fded6b4d7cee5fa14ce8 100644
--- a/net/cert/ct_log_verifier.h
+++ b/net/cert/ct_log_verifier.h
@@ -46,6 +46,8 @@ class NET_EXPORT CTLogVerifier {
   const std::string& key_id() const { return key_id_; }
   // Returns the log's human-readable description.
   const std::string& description() const { return description_; }
+  // Returns the log's URL
+  const GURL& url() const { return url_; }
 
   // Verifies that |sct| contains a valid signature for |entry|.
   bool Verify(const ct::LogEntry& entry,
@@ -54,7 +56,7 @@ class NET_EXPORT CTLogVerifier {
   // Verifies and sets |signed_tree_head|. If |signed_tree_head|'s signature is
   // valid, stores it and returns true. Otherwise, discards the sth and
   // returns false.
-  bool SetSignedTreeHead(scoped_ptr<ct::SignedTreeHead> signed_tree_head);

[davidben, 2015/05/07 21:59:38]

I'm assume this'll go away in a rebase? I remember reviewing this already.

[Eran Messeri, 2015/07/10 13:15:48]

Correct.

+  bool VerifySignedTreeHead(const ct::SignedTreeHead* signed_tree_head);
 
  private:
   FRIEND_TEST_ALL_PREFIXES(CTLogVerifierTest, VerifySignature);
@@ -79,7 +81,6 @@ class NET_EXPORT CTLogVerifier {
   GURL url_;
   ct::DigitallySigned::HashAlgorithm hash_algorithm_;
   ct::DigitallySigned::SignatureAlgorithm signature_algorithm_;
-  scoped_ptr<ct::SignedTreeHead> signed_tree_head_;
 
 #if defined(USE_OPENSSL)
   EVP_PKEY* public_key_;