OLD | NEW |
---|---|
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_CERT_INTERNAL_TRUST_STORE_H_ | 5 #ifndef NET_CERT_INTERNAL_TRUST_STORE_H_ |
6 #define NET_CERT_INTERNAL_TRUST_STORE_H_ | 6 #define NET_CERT_INTERNAL_TRUST_STORE_H_ |
7 | 7 |
8 #include <unordered_map> | 8 #include <unordered_map> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
11 #include "base/memory/ref_counted.h" | 11 #include "base/memory/ref_counted.h" |
12 #include "base/strings/string_piece.h" | 12 #include "base/strings/string_piece.h" |
13 #include "net/base/net_export.h" | 13 #include "net/base/net_export.h" |
14 | 14 |
15 namespace net { | 15 namespace net { |
16 | 16 |
17 namespace der { | 17 namespace der { |
18 class Input; | 18 class Input; |
19 } | 19 } |
20 | 20 |
21 class ParsedCertificate; | 21 class ParsedCertificate; |
22 using ParsedCertificateList = std::vector<scoped_refptr<ParsedCertificate>>; | |
eroman
2016/07/01 23:49:29
same comment as earlier.
mattm
2016/07/02 02:21:51
Done.
| |
22 | 23 |
23 // A very simple implementation of a TrustStore, which contains a set of | 24 // A very simple implementation of a TrustStore, which contains a set of |
24 // trusted certificates. | 25 // trusted certificates. |
25 // TODO(mattm): convert this into an interface, provide implementations that | 26 // TODO(mattm): convert this into an interface, provide implementations that |
26 // interface with OS trust store. | 27 // interface with OS trust store. |
27 class NET_EXPORT TrustStore { | 28 class NET_EXPORT TrustStore { |
28 public: | 29 public: |
29 TrustStore(); | 30 TrustStore(); |
30 ~TrustStore(); | 31 ~TrustStore(); |
31 | 32 |
32 // Empties the trust store, resetting it to original state. | 33 // Empties the trust store, resetting it to original state. |
33 void Clear(); | 34 void Clear(); |
34 | 35 |
35 // Adds a trusted certificate to the store. | 36 // Adds a trusted certificate to the store. |
36 void AddTrustedCertificate(scoped_refptr<ParsedCertificate> anchor); | 37 void AddTrustedCertificate(scoped_refptr<ParsedCertificate> anchor); |
37 | 38 |
38 // Returns the trust anchors that match |name| in |*matches|, if any. | 39 // Returns the trust anchors that match |name| in |*matches|, if any. |
39 void FindTrustAnchorsByNormalizedName( | 40 void FindTrustAnchorsByNormalizedName(const der::Input& normalized_name, |
40 const der::Input& normalized_name, | 41 ParsedCertificateList* matches) const; |
41 std::vector<scoped_refptr<ParsedCertificate>>* matches) const; | |
42 | 42 |
43 // Returns true if |cert| matches a certificate in the TrustStore. | 43 // Returns true if |cert| matches a certificate in the TrustStore. |
44 bool IsTrustedCertificate(const ParsedCertificate* cert) const | 44 bool IsTrustedCertificate(const ParsedCertificate* cert) const |
45 WARN_UNUSED_RESULT; | 45 WARN_UNUSED_RESULT; |
46 | 46 |
47 private: | 47 private: |
48 // Multimap from normalized subject -> ParsedCertificate. | 48 // Multimap from normalized subject -> ParsedCertificate. |
49 std::unordered_multimap<base::StringPiece, | 49 std::unordered_multimap<base::StringPiece, |
50 scoped_refptr<ParsedCertificate>, | 50 scoped_refptr<ParsedCertificate>, |
51 base::StringPieceHash> | 51 base::StringPieceHash> |
52 anchors_; | 52 anchors_; |
53 | 53 |
54 DISALLOW_COPY_AND_ASSIGN(TrustStore); | 54 DISALLOW_COPY_AND_ASSIGN(TrustStore); |
55 }; | 55 }; |
56 | 56 |
57 } // namespace net | 57 } // namespace net |
58 | 58 |
59 #endif // NET_CERT_INTERNAL_TRUST_STORE_H_ | 59 #endif // NET_CERT_INTERNAL_TRUST_STORE_H_ |
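Review bot: The comment above `FindTrustAnchorsByNormalizedName` still refers to `|name|`, although the parameter is `normalized_name`, and it does not say whether `*matches` is cleared or appended to. For a trust-anchor lookup this matters, because a caller that reuses one `ParsedCertificateList` across lookups needs to know whether entries from an earlier call can remain in the list. If the implementation appends (the .cc file is not visible here), I would reword it to `// Appends the trust anchors whose normalized subject equals |normalized_name| to |*matches|; existing entries are left in place.`, and otherwise state the clearing behaviour. It would also help to say which normalization the caller is expected to have applied to the name.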