OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_CERT_X509_UTIL_H_ | 5 #ifndef NET_CERT_X509_UTIL_H_ |
6 #define NET_CERT_X509_UTIL_H_ | 6 #define NET_CERT_X509_UTIL_H_ |
7 | 7 |
8 #include <stdint.h> | 8 #include <stdint.h> |
9 | 9 |
10 #include <string> | 10 #include <string> |
(...skipping 13 matching lines...)
24 class X509Certificate; | 24 class X509Certificate; |
25 | 25 |
26 namespace x509_util { | 26 namespace x509_util { |
27 | 27 |
28 // Supported digest algorithms for signing certificates. | 28 // Supported digest algorithms for signing certificates. |
29 enum DigestAlgorithm { | 29 enum DigestAlgorithm { |
30 DIGEST_SHA1, | 30 DIGEST_SHA1, |
31 DIGEST_SHA256 | 31 DIGEST_SHA256 |
32 }; | 32 }; |
33 | 33 |
| 34 // Generate a 'tls-server-end-point' channel binding based on the specified |
| 35 // certificate. Channel bindings are based on RFC 5929. |
| 36 NET_EXPORT_PRIVATE bool GetTLSServerEndPointChannelBinding( |
| 37 const X509Certificate& certificate, |
| 38 std::string* token); |
| 39 |
34 // Creates a public-private keypair and a self-signed certificate. | 40 // Creates a public-private keypair and a self-signed certificate. |
35 // Subject, serial number and validity period are given as parameters. | 41 // Subject, serial number and validity period are given as parameters. |
36 // The certificate is signed by the private key in |key|. The key length and | 42 // The certificate is signed by the private key in |key|. The key length and |
37 // signature algorithm may be updated periodically to match best practices. | 43 // signature algorithm may be updated periodically to match best practices. |
38 // | 44 // |
39 // |subject| is a distinguished name defined in RFC4514 with _only_ a CN | 45 // |subject| is a distinguished name defined in RFC4514 with _only_ a CN |
40 // component, as in: | 46 // component, as in: |
41 // CN=Michael Wong | 47 // CN=Michael Wong |
42 // | 48 // |
43 // SECURITY WARNING | 49 // SECURITY WARNING |
(...skipping 43 matching lines...)
87 | 93 |
88 private: | 94 private: |
89 base::Time now_; | 95 base::Time now_; |
90 }; | 96 }; |
91 | 97 |
92 } // namespace x509_util | 98 } // namespace x509_util |
93 | 99 |
94 } // namespace net | 100 } // namespace net |
95 | 101 |
96 #endif // NET_CERT_X509_UTIL_H_ | 102 #endif // NET_CERT_X509_UTIL_H_ |
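Review bot: The comment on the new `GetTLSServerEndPointChannelBinding` declaration (new lines 34-38) does not state the contract a caller needs: what a `false` return means and what `|token|` holds in each case. RFC 5929 leaves this binding undefined when the certificate's signature algorithm has no single hash function, and it substitutes SHA-256 for MD5 and SHA-1, so the failure path is reachable and a caller that ignores the result would presumably authenticate with an empty or stale binding. I would extend the comment along the lines of `// Returns false if no binding is defined for the certificate's signature algorithm; callers must not use |token| in that case.` and state whether `|token|` carries the `tls-server-end-point:` prefix or only the hash. The implementation is not on this page, so the wording about `|token|` on failure needs to be checked against it.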
OLD | NEW |