net/cert/ct_verifier.h - Issue 1216153010: Certificate Transparency: Add observer for Signed Certificate Timestamps

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/cert/ct_verifier.h

Issue 1216153010: Certificate Transparency: Add observer for Signed Certificate Timestamps (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Addressed review comments Created 5 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/cert/ct_verifier.h

diff --git a/net/cert/ct_verifier.h b/net/cert/ct_verifier.h

index 290a0474a649138733c902fdc5a8e47b6210f12d..ce25e19a72c3a0ee81b951e03408dcbd403a946f 100644

--- a/net/cert/ct_verifier.h

+++ b/net/cert/ct_verifier.h

@@ -5,20 +5,36 @@

#ifndef NET_CERT_CT_VERIFIER_H_

#define NET_CERT_CT_VERIFIER_H_

+#include <string>

+#include "base/memory/ref_counted.h"

Ryan Sleevi 2015/07/02 14:25:46 Unused

Eran Messeri 2015/07/02 15:04:38 Done.

#include "net/base/net_export.h"

namespace net {

namespace ct {

struct CTVerifyResult;

+struct SignedCertificateTimestamp;

} // namespace ct

class BoundNetLog;

+class CTLogVerifier;

class X509Certificate;

// Interface for verifying Signed Certificate Timestamps over a certificate.

class NET_EXPORT CTVerifier {

public:

+ class NET_EXPORT Observer {

+ public:

+ // Called for each Signed Certificate Timestamp from a known log that vas

+ // verified successfully (i.e. the signature verifies). |sct| is the

+ // Signed Certificate Timestamp, |cert| is the certificate it applies to.

+ // The certificate is needed to calculate the hash of the log entry,

+ // necessary for checking inclusion in the log.

+ virtual void OnSCTVerified(X509Certificate* cert,

+ const ct::SignedCertificateTimestamp* sct) = 0;

+ };

virtual ~CTVerifier() {}

// Verifies SCTs embedded in the certificate itself, SCTs embedded in a

@@ -36,6 +52,11 @@ class NET_EXPORT CTVerifier {

const std::string& sct_list_from_tls_extension,

ct::CTVerifyResult* result,

const BoundNetLog& net_log) = 0;

+ // Registers |observer| to receive notifications of validated SCTs. Does not

+ // take ownership of the observer as the observer may be performing

+ // URLRequests which have to be cancelled before this object is destroyed.

Ryan Sleevi 2015/07/02 14:25:46 comment nit: // Setting |observer| to nullptr has

Eran Messeri 2015/07/02 15:04:38 Done.

+ virtual void SetObserver(Observer* observer) = 0;

};

} // namespace net

« no previous file with comments | « no previous file | net/cert/multi_log_ct_verifier.h » ('j') | net/cert/multi_log_ct_verifier_unittest.cc » ('J')