OLD | NEW |
(Empty) | |
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #ifndef IOS_WEB_NET_CRW_CERT_VERIFICATION_CONTROLLER_H_ |
| 6 #define IOS_WEB_NET_CRW_CERT_VERIFICATION_CONTROLLER_H_ |
| 7 |
| 8 #import <Foundation/Foundation.h> |
| 9 |
| 10 #import "base/memory/ref_counted.h" |
| 11 |
| 12 namespace net { |
| 13 class X509Certificate; |
| 14 } |
| 15 |
| 16 namespace web { |
| 17 |
| 18 class BrowserState; |
| 19 |
| 20 // Accept policy for valid or invalid SSL cert. |
| 21 typedef NS_ENUM(NSInteger, CertAcceptPolicy) { |
| 22 // Cert status can't be determined due to an error. Caller should not proceed |
| 23 // with the load, but show net error page instead. |
| 24 CERT_ACCEPT_POLICY_UNKNOWN = 0, |
| 25 // Cert is valid or user has agreed to proceed with this invalid cert. |
| 26 // Caller should proceed with the load. |
| 27 CERT_ACCEPT_POLICY_ALLOW, |
| 28 // Cert is not valid and used has not agreed to proceed with this cert. |
| 29 // Caller can present recoverable SSL interstitial and ask used if they want |
| 30 // to proceed with the load. |
| 31 CERT_ACCEPT_POLICY_DENY, |
| 32 }; |
| 33 |
| 34 } // namespace web |
| 35 |
| 36 // Provides various cert verification API that can be used for blocking requests |
| 37 // with bad SSL cert, presenting SSL interstitials and determining SSL status |
| 38 // for Navigation Items. Must be used on UI thread. |
| 39 @interface CRWCertVerificationController : NSObject |
| 40 |
| 41 - (instancetype)init NS_UNAVAILABLE; |
| 42 |
| 43 // Initializes CRWCertVerificationController with the given |browserState| which |
| 44 // cannot be null and must outlive CRWCertVerificationController. |
| 45 - (instancetype)initWithBrowserState:(web::BrowserState*)browserState |
| 46 NS_DESIGNATED_INITIALIZER; |
| 47 |
| 48 // TODO(eugenebut): add API for: |
| 49 // - accepting bad SSL cert using CertPolicyCache |
| 50 // - querying SSL cert status for Navigation Item |
| 51 |
| 52 // Decides the policy for the given |cert| for the given |host| and calls |
| 53 // |completionHandler| on completion. |completionHandler| cannot be null and |
| 54 // will be called synchronously or asynchronously on UI thread. |
| 55 - (void)decidePolicyForCert:(const scoped_refptr<net::X509Certificate>&)cert |
| 56 host:(NSString*)host |
| 57 completionHandler:(void (^)(web::CertAcceptPolicy))handler; |
| 58 |
| 59 // Cancels all pending verification requests. Completion handlers will not be |
| 60 // called after |shutDown| call. Must always be called before object's |
| 61 // deallocation. |
| 62 - (void)shutDown; |
| 63 |
| 64 @end |
| 65 |
| 66 #endif // IOS_WEB_NET_CRW_CERT_VERIFICATION_CONTROLLER_H_ |
OLD | NEW |