OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_CERT_INTERNAL_TRUST_STORE_H_ | 5 #ifndef NET_CERT_INTERNAL_TRUST_STORE_H_ |
6 #define NET_CERT_INTERNAL_TRUST_STORE_H_ | 6 #define NET_CERT_INTERNAL_TRUST_STORE_H_ |
7 | 7 |
8 #include <unordered_map> | 8 #include <unordered_map> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
11 #include "base/memory/ref_counted.h" | 11 #include "base/memory/ref_counted.h" |
12 #include "base/strings/string_piece.h" | 12 #include "base/strings/string_piece.h" |
13 #include "net/base/net_export.h" | 13 #include "net/base/net_export.h" |
| 14 #include "net/cert/internal/parsed_certificate.h" |
14 | 15 |
15 namespace net { | 16 namespace net { |
16 | 17 |
17 namespace der { | 18 namespace der { |
18 class Input; | 19 class Input; |
19 } | 20 } |
20 | 21 |
21 class ParsedCertificate; | |
22 | |
23 // A very simple implementation of a TrustStore, which contains a set of | 22 // A very simple implementation of a TrustStore, which contains a set of |
24 // trusted certificates. | 23 // trusted certificates. |
25 // TODO(mattm): convert this into an interface, provide implementations that | 24 // TODO(mattm): convert this into an interface, provide implementations that |
26 // interface with OS trust store. | 25 // interface with OS trust store. |
27 class NET_EXPORT TrustStore { | 26 class NET_EXPORT TrustStore { |
28 public: | 27 public: |
29 TrustStore(); | 28 TrustStore(); |
30 ~TrustStore(); | 29 ~TrustStore(); |
31 | 30 |
32 // Empties the trust store, resetting it to original state. | 31 // Empties the trust store, resetting it to original state. |
33 void Clear(); | 32 void Clear(); |
34 | 33 |
35 // Adds a trusted certificate to the store. | 34 // Adds a trusted certificate to the store. |
36 void AddTrustedCertificate(scoped_refptr<ParsedCertificate> anchor); | 35 void AddTrustedCertificate(scoped_refptr<ParsedCertificate> anchor); |
37 | 36 |
38 // Returns the trust anchors that match |name| in |*matches|, if any. | 37 // Returns the trust anchors that match |name| in |*matches|, if any. |
39 void FindTrustAnchorsByNormalizedName( | 38 void FindTrustAnchorsByNormalizedName(const der::Input& normalized_name, |
40 const der::Input& normalized_name, | 39 ParsedCertificateList* matches) const; |
41 std::vector<scoped_refptr<ParsedCertificate>>* matches) const; | |
42 | 40 |
43 // Returns true if |cert| matches a certificate in the TrustStore. | 41 // Returns true if |cert| matches a certificate in the TrustStore. |
44 bool IsTrustedCertificate(const ParsedCertificate* cert) const | 42 bool IsTrustedCertificate(const ParsedCertificate* cert) const |
45 WARN_UNUSED_RESULT; | 43 WARN_UNUSED_RESULT; |
46 | 44 |
47 private: | 45 private: |
48 // Multimap from normalized subject -> ParsedCertificate. | 46 // Multimap from normalized subject -> ParsedCertificate. |
49 std::unordered_multimap<base::StringPiece, | 47 std::unordered_multimap<base::StringPiece, |
50 scoped_refptr<ParsedCertificate>, | 48 scoped_refptr<ParsedCertificate>, |
51 base::StringPieceHash> | 49 base::StringPieceHash> |
52 anchors_; | 50 anchors_; |
53 | 51 |
54 DISALLOW_COPY_AND_ASSIGN(TrustStore); | 52 DISALLOW_COPY_AND_ASSIGN(TrustStore); |
55 }; | 53 }; |
56 | 54 |
57 } // namespace net | 55 } // namespace net |
58 | 56 |
59 #endif // NET_CERT_INTERNAL_TRUST_STORE_H_ | 57 #endif // NET_CERT_INTERNAL_TRUST_STORE_H_ |
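Review bot: The comment on FindTrustAnchorsByNormalizedName (new lines 37-39) still refers to |name| although the parameter is |normalized_name|, and it does not say whether |*matches| is cleared first or appended to. For a trust-anchor lookup this is part of the contract: a caller that reuses one ParsedCertificateList across lookups needs to know whether anchors from an earlier name can remain in it. A caller also needs to know that the input must already be the normalized subject. I would reword the first sentence to something like `// Finds the trust anchors whose normalized subject equals |normalized_name| and returns them in |*matches|.` and add one sentence on the clear-versus-append behaviour, taken from the .cc file, which is not shown here. Since this change touches the header anyway, a one-line comment on |anchors_| would also help, stating what keeps the bytes behind the non-owning base::StringPiece key alive (presumably the ParsedCertificate stored as the value).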