Index: net/cert/internal/path_builder.h |
diff --git a/net/cert/internal/path_builder.h b/net/cert/internal/path_builder.h |
index f08ad1275f6cec90ed518b78e9c64843c9785b1e..94dc184d0e15b3b6cf4940c6fe26029a99dfdcc4 100644 |
--- a/net/cert/internal/path_builder.h |
+++ b/net/cert/internal/path_builder.h |
@@ -98,19 +98,26 @@ class NET_EXPORT CertPathBuilder { |
// The caller must keep |trust_store|, |signature_policy|, and |*result| valid |
// for the lifetime of the CertPathBuilder. |
CertPathBuilder(scoped_refptr<ParsedCertificate> cert, |
- const TrustStore* trust_store, |
const SignaturePolicy* signature_policy, |
const der::GeneralizedTime& time, |
Result* result); |
~CertPathBuilder(); |
+ // Adds a TrustStore to check if certificates are trust anchors during path |
+ // building. Multiple trust stores may be added. Should not be called after |
+ // Run is called. The |*trust_store| must remain valid for the lifetime of the |
+ // CertPathBuilder. |
+ // |
+ // (If no trust stores are added, verification will fail.) |
+ void AddTrustStore(TrustStore* trust_store); |
+ |
// Adds a CertIssuerSource to provide intermediates for use in path building. |
// Multiple sources may be added. Must not be called after Run is called. |
// The |*cert_issuer_source| must remain valid for the lifetime of the |
// CertPathBuilder. |
// |
// (If no issuer sources are added, the target certificate will only verify if |
- // it is a trust anchor or is directly signed by a trust anchor.) |
+ // it is a trust anchor.) |
void AddCertIssuerSource(CertIssuerSource* cert_issuer_source); |
// Begins verification of the target certificate. |
@@ -150,7 +157,6 @@ class NET_EXPORT CertPathBuilder { |
base::Closure callback_; |
std::unique_ptr<CertPathIter> cert_path_iter_; |
- const TrustStore* trust_store_; |
const SignaturePolicy* signature_policy_; |
const der::GeneralizedTime time_; |