Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1855)

Unified Diff: net/cert/ct_verifier.h

Issue 1100003006: Certificate Transparency: Fetching of Signed Tree Heads (DRAFT) (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Revised design, addressed some comments Created 5 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: net/cert/ct_verifier.h
diff --git a/net/cert/ct_verifier.h b/net/cert/ct_verifier.h
index 290a0474a649138733c902fdc5a8e47b6210f12d..99b9f6ad9704cce8aee076ff1846619239669bb3 100644
--- a/net/cert/ct_verifier.h
+++ b/net/cert/ct_verifier.h
@@ -5,21 +5,41 @@
#ifndef NET_CERT_CT_VERIFIER_H_
#define NET_CERT_CT_VERIFIER_H_
+#include <string>
+
+#include "base/macros.h"
#include "net/base/net_export.h"
namespace net {
namespace ct {
struct CTVerifyResult;
+struct SignedCertificateTimestamp;
} // namespace ct
class BoundNetLog;
+class CTLogVerifier;
class X509Certificate;
// Interface for verifying Signed Certificate Timestamps over a certificate.
class NET_EXPORT CTVerifier {
public:
- virtual ~CTVerifier() {}
+ class NET_EXPORT Observer {
+ public:
+ virtual ~Observer() {}
+
+ virtual void OnSCTVerified(const ct::SignedCertificateTimestamp* sct,
Ryan Sleevi 2015/06/29 11:58:13 Document when/how this is called
+ CTLogVerifier* verifier) {}
Ryan Sleevi 2015/06/29 11:58:13 make this pure virtual
+
+ protected:
+ Observer() {}
+
+ private:
+ DISALLOW_COPY_AND_ASSIGN(Observer);
Ryan Sleevi 2015/06/29 11:58:13 delete; unneeded for pure interfaces
+ };
+
+ CTVerifier();
+ virtual ~CTVerifier();
// Verifies SCTs embedded in the certificate itself, SCTs embedded in a
// stapled OCSP response, and SCTs obtained via the
@@ -36,6 +56,18 @@ class NET_EXPORT CTVerifier {
const std::string& sct_list_from_tls_extension,
ct::CTVerifyResult* result,
const BoundNetLog& net_log) = 0;
+
+ virtual void StopNotifications() = 0;
+
+ // Registers |observer| to receive notifications of validated SCTs. The
+ // thread on which this is called is the thread on which |observer| will be
+ // called back with notifications. Does not take ownership of the observer
+ // as the observer may be performing URLRequests which have to be cancelled
+ // before this object is destroyed.
+ virtual void SetObserver(Observer* observer) = 0;
+
+ private:
+ DISALLOW_COPY_AND_ASSIGN(CTVerifier);
Ryan Sleevi 2015/06/29 11:58:13 ditto about unneeded for pure interfaces
};
} // namespace net

Powered by Google App Engine
This is Rietveld 408576698