net/base/x509_util.h - Issue 13006020: net: extract net/cert out of net/base

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: net/base/x509_util.h

Issue 13006020: net: extract net/cert out of net/base (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: rebase Created 7 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
	(Empty)
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.

4

5 #ifndef NET_BASE_X509_UTIL_H_

6 #define NET_BASE_X509_UTIL_H_

7

8 #include <string>

9

10 #include "base/memory/ref_counted.h"

11 #include "base/time.h"

12 #include "net/base/net_export.h"

13

14 namespace crypto {

15 class ECPrivateKey;

16 }

17

18 namespace net {

19

20 class X509Certificate;

21

22 namespace x509_util {

23

24 // Returns true if the times can be used to create an X.509 certificate.

25 // Certificates can accept dates from Jan 1st, 1 to Dec 31, 9999. A bug in NSS

26 // limited the range to 1950-9999

27 // (https://bugzilla.mozilla.org/show_bug.cgi?id=786531). This function will

28 // return whether it is supported by the currently used crypto library.

29 NET_EXPORT_PRIVATE bool IsSupportedValidityRange(base::Time not_valid_before,

30 base::Time not_valid_after);

31

32 // Creates a server bound certificate containing the public key in \|key\|.

33 // Domain, serial number and validity period are given as

34 // parameters. The certificate is signed by the private key in \|key\|.

35 // The hashing algorithm for the signature is SHA-1.

36 //

37 // See Internet Draft draft-balfanz-tls-obc-00 for more details:

38 // http://tools.ietf.org/html/draft-balfanz-tls-obc-00

39 NET_EXPORT_PRIVATE bool CreateDomainBoundCertEC(

40 crypto::ECPrivateKey* key,

41 const std::string& domain,

42 uint32 serial_number,

43 base::Time not_valid_before,

44 base::Time not_valid_after,

45 std::string* der_cert);

46

47 // Comparator for use in STL algorithms that will sort client certificates by

48 // order of preference.

49 // Returns true if \|a\| is more preferable than \|b\|, allowing it to be used

50 // with any algorithm that compares according to strict weak ordering.

51 //

52 // Criteria include:

53 // - Prefer certificates that have a longer validity period (later

54 // expiration dates)

55 // - If equal, prefer certificates that were issued more recently

56 // - If equal, prefer shorter chains (if available)

57 class NET_EXPORT_PRIVATE ClientCertSorter {

58 public:

59 ClientCertSorter();

60

61 bool operator()(

62 const scoped_refptr<X509Certificate>& a,

63 const scoped_refptr<X509Certificate>& b) const;

64

65 private:

66 base::Time now_;

67 };

68

69 } // namespace x509_util

70

71 } // namespace net

72

73 #endif // NET_BASE_X509_UTIL_H_

OLD	NEW

« no previous file with comments | « net/base/x509_certificate_win.cc ('k') | net/base/x509_util.cc » ('j') | no next file with comments »