Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(489)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/x509_certificate.h

Issue 12035105: Move client certificates retrieval logic out of the SSL sockets. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fix Linux Redux build Created 7 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« content/browser/loader/resource_loader.cc ('K') | « content/browser/loader/resource_loader.cc ('k') | net/base/x509_certificate_mac.cc » ('j') | net/data/ssl/scripts/client_authentication/run-test-server.sh » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_BASE_X509_CERTIFICATE_H_ 5 #ifndef NET_BASE_X509_CERTIFICATE_H_
6 #define NET_BASE_X509_CERTIFICATE_H_ 6 #define NET_BASE_X509_CERTIFICATE_H_
7 7
8 #include <string.h> 8 #include <string.h>
9 9
10 #include <string> 10 #include <string>
(...skipping 261 matching lines...) Expand 10 before | Expand all | Expand 10 after
272 // Ownership follows the "get" rule: it is the caller's responsibility to 272 // Ownership follows the "get" rule: it is the caller's responsibility to
273 // retain the elements of the result. 273 // retain the elements of the result.
274 const OSCertHandles& GetIntermediateCertificates() const { 274 const OSCertHandles& GetIntermediateCertificates() const {
275 return intermediate_ca_certs_; 275 return intermediate_ca_certs_;
276 } 276 }
277 277
278 #if defined(OS_MACOSX) 278 #if defined(OS_MACOSX)
279 // Does this certificate's usage allow SSL client authentication? 279 // Does this certificate's usage allow SSL client authentication?
280 bool SupportsSSLClientAuth() const; 280 bool SupportsSSLClientAuth() const;
281 281
282 // Do any of the given issuer names appear in this cert's chain of trust?
283 bool IsIssuedBy(const std::vector<CertPrincipal>& valid_issuers);
284
285 // Adds all available SSL client identity certs to the given vector.
286 // |server_domain| is a hint for which domain the cert is to be sent to
287 // (a cert previously specified as the default for that domain will be given
288 // precedence and returned first in the output vector.)
289 // If valid_issuers is non-empty, only certs that were transitively issued
290 // by one of the given names will be included in the list.
291 static bool GetSSLClientCertificates(
292 const std::string& server_domain,
293 const std::vector<CertPrincipal>& valid_issuers,
294 CertificateList* certs);
295
296 // Creates the chain of certs to use for this client identity cert. 282 // Creates the chain of certs to use for this client identity cert.
297 CFArrayRef CreateClientCertificateChain() const; 283 CFArrayRef CreateClientCertificateChain() const;
298 284
299 // Returns a new CFArrayRef containing this certificate and its intermediate 285 // Returns a new CFArrayRef containing this certificate and its intermediate
300 // certificates in the form expected by Security.framework and Keychain 286 // certificates in the form expected by Security.framework and Keychain
301 // Services, or NULL on failure. 287 // Services, or NULL on failure.
302 // The first item in the array will be this certificate, followed by its 288 // The first item in the array will be this certificate, followed by its
303 // intermediates, if any. 289 // intermediates, if any.
304 CFArrayRef CreateOSCertChainForCert() const; 290 CFArrayRef CreateOSCertChainForCert() const;
305 #endif 291 #endif
(...skipping 209 matching lines...) Expand 10 before | Expand all | Expand 10 after
515 // based on the type of the certificate. 501 // based on the type of the certificate.
516 std::string default_nickname_; 502 std::string default_nickname_;
517 #endif 503 #endif
518 504
519 DISALLOW_COPY_AND_ASSIGN(X509Certificate); 505 DISALLOW_COPY_AND_ASSIGN(X509Certificate);
520 }; 506 };
521 507
522 } // namespace net 508 } // namespace net
523 509
524 #endif // NET_BASE_X509_CERTIFICATE_H_ 510 #endif // NET_BASE_X509_CERTIFICATE_H_
OLDNEW
« content/browser/loader/resource_loader.cc ('K') | « content/browser/loader/resource_loader.cc ('k') | net/base/x509_certificate_mac.cc » ('j') | net/data/ssl/scripts/client_authentication/run-test-server.sh » ('J')

Powered by Google App Engine
This is Rietveld 408576698