OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_CERT_CT_KNOWN_LOGS_H_ | 5 #ifndef NET_CERT_CT_KNOWN_LOGS_H_ |
6 #define NET_CERT_CT_KNOWN_LOGS_H_ | 6 #define NET_CERT_CT_KNOWN_LOGS_H_ |
7 | 7 |
8 #include <vector> | 8 #include <vector> |
9 | 9 |
10 #include "base/memory/ref_counted.h" | 10 #include "base/memory/ref_counted.h" |
11 #include "base/strings/string_piece.h" | 11 #include "base/strings/string_piece.h" |
12 #include "build/build_config.h" | 12 #include "build/build_config.h" |
13 #include "net/base/net_export.h" | 13 #include "net/base/net_export.h" |
14 | 14 |
15 namespace base { | |
16 class Time; | |
17 } // namespace base | |
18 | |
19 namespace net { | 15 namespace net { |
20 | 16 |
21 class CTLogVerifier; | 17 class CTLogVerifier; |
22 | 18 |
23 namespace ct { | 19 namespace ct { |
24 | 20 |
25 #if !defined(OS_NACL) | 21 #if !defined(OS_NACL) |
26 // CreateLogVerifiersForKnownLogs returns a vector of CT logs for all the known | 22 // CreateLogVerifiersForKnownLogs returns a vector of CT logs for all the known |
27 // logs. This set includes logs that are presently qualified for inclusion and | 23 // and trusted logs. |
28 // logs which were previously qualifying, but have since been disqualified. To | |
29 // determine the status of a given log, use |IsLogDisqualified()|. | |
30 NET_EXPORT std::vector<scoped_refptr<const CTLogVerifier>> | 24 NET_EXPORT std::vector<scoped_refptr<const CTLogVerifier>> |
31 CreateLogVerifiersForKnownLogs(); | 25 CreateLogVerifiersForKnownLogs(); |
32 #endif | 26 #endif |
33 | 27 |
34 // Returns true if the log identified by |log_id| (the SHA-256 hash of the | |
35 // log's DER-encoded SPKI) is operated by Google. | |
36 NET_EXPORT bool IsLogOperatedByGoogle(base::StringPiece log_id); | 28 NET_EXPORT bool IsLogOperatedByGoogle(base::StringPiece log_id); |
37 | 29 |
38 // Returns true if the log identified by |log_id| (the SHA-256 hash of the | |
39 // log's DER-encoded SPKI) has been disqualified, and sets | |
40 // |*disqualification_date| to the date of disqualification. Any SCTs that | |
41 // are embedded in certificates issued after |*disqualification_date| should | |
42 // not be trusted, nor contribute to any uniqueness or freshness | |
43 // requirements. | |
44 NET_EXPORT bool IsLogDisqualified(base::StringPiece log_id, | |
45 base::Time* disqualification_date); | |
46 | |
47 } // namespace ct | 30 } // namespace ct |
48 | 31 |
49 } // namespace net | 32 } // namespace net |
50 | 33 |
51 #endif // NET_CERT_CT_KNOWN_LOGS_H_ | 34 #endif // NET_CERT_CT_KNOWN_LOGS_H_ |
OLD | NEW |