components/cronet/ct_ignores.h - Issue 2493863002: [Cronet] Ignore Certificate Transparency to avoid CT log expiration.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: components/cronet/ct_ignores.h

Issue 2493863002: [Cronet] Ignore Certificate Transparency to avoid CT log expiration. (Closed)

Patch Set: Use IgnoresCTVerifier / PolicyEnforcer on iOS. Created 4 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
(Empty)
	1 // Copyright 2016 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #ifndef COMPONENTS_CRONET_CT_IGNORES_H_

	6 #define COMPONENTS_CRONET_CT_IGNORES_H_

	7

	8 #include "base/macros.h"

	9 #include "net/cert/ct_policy_enforcer.h"

	10 #include "net/cert/ct_verifier.h"

	11

	12 namespace cronet {

	13

	14 // A CTVerifier which ignores Certificate Transparency information.

	15 class IgnoresCTVerifier : public net::CTVerifier {

	16 public:

	17 IgnoresCTVerifier() = default;

	18 ~IgnoresCTVerifier() override = default;

	19

	20 int Verify(net::X509Certificate* cert,

	21 const std::string& stapled_ocsp_response,

	22 const std::string& sct_list_from_tls_extension,

	23 net::SignedCertificateTimestampAndStatusList* output_scts,

	24 const net::NetLogWithSource& net_log) override;

	25

	26 void SetObserver(Observer* observer) override;

	27

	28 private:

	29 DISALLOW_COPY_AND_ASSIGN(IgnoresCTVerifier);

	30 };

	31

	32 // A CTPolicyEnforcer that accepts all certificates.

	33 class IgnoresCTPolicyEnforcer : public net::CTPolicyEnforcer {

	34 public:

	35 IgnoresCTPolicyEnforcer() = default;

	36 ~IgnoresCTPolicyEnforcer() override = default;

	37

	38 net::ct::CertPolicyCompliance DoesConformToCertPolicy(

	39 net::X509Certificate* cert,

	40 const net::SCTList& verified_scts,

	41 const net::NetLogWithSource& net_log) override;

	42

	43 net::ct::EVPolicyCompliance DoesConformToCTEVPolicy(

	44 net::X509Certificate* cert,

	45 const net::ct::EVCertsWhitelist* ev_whitelist,

	46 const net::SCTList& verified_scts,

	47 const net::NetLogWithSource& net_log) override;

	48

	49 private:

	50 DISALLOW_COPY_AND_ASSIGN(IgnoresCTPolicyEnforcer);

	51 };

	52

	53 } // namespace cronet

	54

	55 #endif // COMPONENTS_CRONET_CT_IGNORES_H_

OLD	NEW