OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_CERT_CT_KNOWN_LOGS_H_ | 5 #ifndef NET_CERT_CT_KNOWN_LOGS_H_ |
6 #define NET_CERT_CT_KNOWN_LOGS_H_ | 6 #define NET_CERT_CT_KNOWN_LOGS_H_ |
7 | 7 |
8 #include <vector> | 8 #include <vector> |
9 | 9 |
10 #include "base/memory/ref_counted.h" | 10 #include "base/memory/ref_counted.h" |
11 #include "base/strings/string_piece.h" | 11 #include "base/strings/string_piece.h" |
12 #include "build/build_config.h" | 12 #include "build/build_config.h" |
13 #include "net/base/net_export.h" | 13 #include "net/base/net_export.h" |
14 | 14 |
| 15 namespace base { |
| 16 class Time; |
| 17 } // namespace base |
| 18 |
15 namespace net { | 19 namespace net { |
16 | 20 |
17 class CTLogVerifier; | 21 class CTLogVerifier; |
18 | 22 |
19 namespace ct { | 23 namespace ct { |
20 | 24 |
21 #if !defined(OS_NACL) | 25 #if !defined(OS_NACL) |
22 // CreateLogVerifiersForKnownLogs returns a vector of CT logs for all the known | 26 // CreateLogVerifiersForKnownLogs returns a vector of CT logs for all the known |
23 // and trusted logs. | 27 // logs. This set includes logs that are presently qualified for inclusion and |
| 28 // logs which were previously qualifying, but have since been disqualified. To |
| 29 // determine the status of a given log, use |IsLogDisqualified()|. |
24 NET_EXPORT std::vector<scoped_refptr<const CTLogVerifier>> | 30 NET_EXPORT std::vector<scoped_refptr<const CTLogVerifier>> |
25 CreateLogVerifiersForKnownLogs(); | 31 CreateLogVerifiersForKnownLogs(); |
26 #endif | 32 #endif |
27 | 33 |
| 34 // Returns true if the log identified by |log_id| (the SHA-256 hash of the |
| 35 // log's DER-encoded SPKI) is operated by Google. |
28 NET_EXPORT bool IsLogOperatedByGoogle(base::StringPiece log_id); | 36 NET_EXPORT bool IsLogOperatedByGoogle(base::StringPiece log_id); |
29 | 37 |
| 38 // Returns true if the log identified by |log_id| (the SHA-256 hash of the |
| 39 // log's DER-encoded SPKI) has been disqualified, and sets |
| 40 // |*disqualification_date| to the date of disqualification. Any SCTs that |
| 41 // are embedded in certificates issued after |*disqualification_date| should |
| 42 // not be trusted, nor contribute to any uniqueness or freshness |
| 43 // requirements. |
| 44 NET_EXPORT bool IsLogDisqualified(base::StringPiece log_id, |
| 45 base::Time* disqualification_date); |
| 46 |
30 } // namespace ct | 47 } // namespace ct |
31 | 48 |
32 } // namespace net | 49 } // namespace net |
33 | 50 |
34 #endif // NET_CERT_CT_KNOWN_LOGS_H_ | 51 #endif // NET_CERT_CT_KNOWN_LOGS_H_ |
OLD | NEW |