Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(689)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: components/cast_certificate/cast_cert_validator.h

Issue 2205403002: Add production Cast CRL certificate. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Addresses comments Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | components/cast_certificate/cast_cert_validator.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: components/cast_certificate/cast_cert_validator.h
diff --git a/components/cast_certificate/cast_cert_validator.h b/components/cast_certificate/cast_cert_validator.h
index be924be74da3713f8f2ec81db1c05b24d6642f87..a918dd582070f1c496f7e40120922f3f46669e02 100644
--- a/components/cast_certificate/cast_cert_validator.h
+++ b/components/cast_certificate/cast_cert_validator.h
@@ -14,6 +14,9 @@
#include "base/strings/string_piece.h"
#include "base/time/time.h"
+namespace net {
+class TrustStore;
+}
namespace cast_certificate {
class CastCRL;
@@ -59,7 +62,8 @@ class CertVerificationContext {
DISALLOW_COPY_AND_ASSIGN(CertVerificationContext);
};
-// Verifies a cast device certficate given a chain of DER-encoded certificates.
+// Verifies a cast device certficate given a chain of DER-encoded certificates,
+// using the built-in Cast trust anchors.
//
// Inputs:
//
@@ -95,6 +99,18 @@ bool VerifyDeviceCert(const std::vector<std::string>& certs,
const CastCRL* crl,
CRLPolicy crl_policy) WARN_UNUSED_RESULT;
+// Exposed only for testing, not for use in production code.
+//
+// This is an overloaded version of VerifyDeviceCert that allows
+// the input of a custom TrustStore.
+bool VerifyDeviceCertForTest(const std::vector<std::string>& certs,
+ const base::Time& time,
+ std::unique_ptr<CertVerificationContext>* context,
+ CastDeviceCertPolicy* policy,
+ const CastCRL* crl,
+ CRLPolicy crl_policy,
+ net::TrustStore* trust_store) WARN_UNUSED_RESULT;
+
// Exposed only for unit-tests, not for use in production code.
// Production code would get a context from VerifyDeviceCert().
//
@@ -103,12 +119,6 @@ bool VerifyDeviceCert(const std::vector<std::string>& certs,
std::unique_ptr<CertVerificationContext> CertVerificationContextImplForTest(
const base::StringPiece& spki);
-// Exposed only for testing, not for use in production code.
-//
-// Replaces trusted root certificates in the CastTrustStore.
-// Returns true if successful, false if nothing is changed.
-bool SetTrustAnchorForTest(const std::string& cert) WARN_UNUSED_RESULT;
-
} // namespace cast_certificate
#endif // COMPONENTS_CAST_CERTIFICATE_CAST_CERT_VALIDATOR_H_
« no previous file with comments | « no previous file | components/cast_certificate/cast_cert_validator.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698