Index: net/cert/x509_certificate.h |
diff --git a/net/cert/x509_certificate.h b/net/cert/x509_certificate.h |
index d70e62922580189fad99733ee6f3c89f88809c4c..14828b92a6425a9736912c43cafdb8cd2dbc4024 100644 |
--- a/net/cert/x509_certificate.h |
+++ b/net/cert/x509_certificate.h |
@@ -81,7 +81,7 @@ class NET_EXPORT X509Certificate |
kPublicKeyTypeECDH |
}; |
- // Predicate functor used in maps when X509Certificate is used as the key. |
+ // Predicate functor used to sort X509Certificates. |
class NET_EXPORT LessThan { |
public: |
bool operator()(const scoped_refptr<X509Certificate>& lhs, |
@@ -213,14 +213,6 @@ class NET_EXPORT X509Certificate |
const base::Time& valid_start() const { return valid_start_; } |
const base::Time& valid_expiry() const { return valid_expiry_; } |
- // The fingerprint of this certificate. |
- const SHA1HashValue& fingerprint() const { return fingerprint_; } |
- |
- // The fingerprint of the intermediate CA certificates. |
- const SHA1HashValue& ca_fingerprint() const { |
- return ca_fingerprint_; |
- } |
- |
// Gets the DNS names in the certificate. Pursuant to RFC 2818, Section 3.1 |
// Server Identity, if the certificate has a subjectAltName extension of |
// type dNSName, this method gets the DNS names in that extension. |
@@ -385,25 +377,10 @@ class NET_EXPORT X509Certificate |
// Frees (or releases a reference to) an OS certificate handle. |
static void FreeOSCertHandle(OSCertHandle cert_handle); |
- // Calculates the SHA-1 fingerprint of the certificate. Returns an empty |
- // (all zero) fingerprint on failure. |
- // |
- // For calculating fingerprints, prefer SHA-1 for performance when indexing, |
- // but callers should use IsSameOSCert() before assuming two certificates are |
eroman
2016/05/30 20:20:30
Do you want to provide similar guidance for Calcul
Ryan Sleevi
2016/05/31 15:40:13
The SHA-256 is an external detail - we need it exp
|
- // the same. |
- static SHA1HashValue CalculateFingerprint(OSCertHandle cert_handle); |
- |
// Calculates the SHA-256 fingerprint of the certificate. Returns an empty |
// (all zero) fingerprint on failure. |
static SHA256HashValue CalculateFingerprint256(OSCertHandle cert_handle); |
- // Calculates the SHA-1 fingerprint of the intermediate CA certificates. |
- // Returns an empty (all zero) fingerprint on failure. |
- // |
- // See SHA-1 caveat on CalculateFingerprint(). |
- static SHA1HashValue CalculateCAFingerprint( |
- const OSCertHandles& intermediates); |
- |
// Calculates the SHA-256 fingerprint of the intermediate CA certificates. |
// Returns an empty (all zero) fingerprint on failure. |
// |
@@ -494,12 +471,6 @@ class NET_EXPORT X509Certificate |
// This certificate is not valid after |valid_expiry_| |
base::Time valid_expiry_; |
- // The fingerprint of this certificate. |
- SHA1HashValue fingerprint_; |
- |
- // The fingerprint of the intermediate CA certificates. |
- SHA1HashValue ca_fingerprint_; |
- |
// The serial number of this certificate, DER encoded. |
std::string serial_number_; |