| OLD | NEW |
| (Empty) |
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef IOS_WEB_NET_CERT_VERIFIER_BLOCK_ADAPTER_H_ | |
| 6 #define IOS_WEB_NET_CERT_VERIFIER_BLOCK_ADAPTER_H_ | |
| 7 | |
| 8 #include "base/memory/scoped_vector.h" | |
| 9 #include "base/threading/thread_checker.h" | |
| 10 #include "net/cert/cert_verifier.h" | |
| 11 #include "net/cert/cert_verify_result.h" | |
| 12 | |
| 13 namespace net { | |
| 14 class CRLSet; | |
| 15 class NetLog; | |
| 16 class X509Certificate; | |
| 17 } // namespace net | |
| 18 | |
| 19 namespace web { | |
| 20 | |
| 21 // Provides block-based interface for |net::CertVerifier|. This class must be | |
| 22 // created and used on the same thread where the |net::CertVerifier| was | |
| 23 // created. | |
| 24 class CertVerifierBlockAdapter { | |
| 25 public: | |
| 26 // Constructs adapter with given |CertVerifier| and |NetLog|, both can not be | |
| 27 // null. CertVerifierBlockAdapter does NOT take ownership of |cert_verifier| | |
| 28 // and |net_log|. | |
| 29 CertVerifierBlockAdapter(net::CertVerifier* cert_verifier, | |
| 30 net::NetLog* net_log); | |
| 31 | |
| 32 // When the verifier is destroyed, certificate verification requests are not | |
| 33 // canceled, and their completion handlers are guaranteed to be called. | |
| 34 ~CertVerifierBlockAdapter(); | |
| 35 | |
| 36 // Encapsulates verification params. |cert| and |hostname| are mandatory, the | |
| 37 // other params are optional. If either of mandatory arguments is null or | |
| 38 // empty then verification |CompletionHandler| will be called with | |
| 39 // ERR_INVALID_ARGUMENT |error|. | |
| 40 struct Params { | |
| 41 // Constructs Params from X509 cert and hostname, which are mandatory for | |
| 42 // verification. | |
| 43 Params(const scoped_refptr<net::X509Certificate>& cert, | |
| 44 const std::string& hostname); | |
| 45 Params(const Params& other); | |
| 46 ~Params(); | |
| 47 | |
| 48 // Certificate to verify, can not be null. | |
| 49 scoped_refptr<net::X509Certificate> cert; | |
| 50 | |
| 51 // Hostname as an SSL server, can not be empty. | |
| 52 std::string hostname; | |
| 53 | |
| 54 // If non-empty, is a stapled OCSP response to use. | |
| 55 std::string ocsp_response; | |
| 56 | |
| 57 // Bitwise OR of |net::CertVerifier::VerifyFlags|. | |
| 58 int flags; | |
| 59 | |
| 60 // An optional |net::CRLSet| structure which can be used to avoid revocation | |
| 61 // checks over the network. | |
| 62 scoped_refptr<net::CRLSet> crl_set; | |
| 63 }; | |
| 64 | |
| 65 // Type of verification completion block. If cert is successfully validated | |
| 66 // |error| is OK, otherwise |error| is a net error code. | |
| 67 typedef void (^CompletionHandler)(net::CertVerifyResult result, int error); | |
| 68 | |
| 69 // Verifies certificate with given |params|. |completion_handler| must not be | |
| 70 // null and can be called either synchronously (in the same runloop) or | |
| 71 // asynchronously. | |
| 72 // Note: |completion_handler| is guaranteed to be called, even if the instance | |
| 73 // |Verify()| was called on is destroyed. | |
| 74 void Verify(const Params& params, CompletionHandler completion_handler); | |
| 75 | |
| 76 private: | |
| 77 // Underlying unowned CertVerifier. | |
| 78 net::CertVerifier* cert_verifier_; | |
| 79 // Unowned NetLog required by CertVerifier. | |
| 80 net::NetLog* net_log_; | |
| 81 // CertVerifierBlockAdapter should be used on the same thread where it was | |
| 82 // created. | |
| 83 base::ThreadChecker thread_checker_; | |
| 84 }; | |
| 85 | |
| 86 } // namespace web | |
| 87 | |
| 88 #endif // IOS_WEB_NET_CERT_VERIFIER_BLOCK_ADAPTER_H_ | |
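Review bot: The header never states how long the unowned `cert_verifier` and `net_log` pointers must stay valid, even though the destructor and `Verify()` comments promise that completion handlers still run after the adapter is destroyed. If in-flight requests keep using those pointers, a caller that frees the verifier early risks a dangling pointer or a handler that never fires; as far as I recall, `net::CertVerifier` cancels outstanding requests on destruction. The implementation is not on this page, so this is inferred from the comments. I would add to the constructor comment: `// |cert_verifier| and |net_log| must outlive this adapter and every request started via Verify().` Separately, `Params::flags` is a plain `int` with no documented initial value, and the two-argument constructor does not take it, so its comment should say what value it starts with, e.g. `// Bitwise OR of |net::CertVerifier::VerifyFlags|. Defaults to 0.` if that is what the constructor does.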