OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_CERT_CERT_VERIFY_PROC_H_ | 5 #ifndef NET_CERT_CERT_VERIFY_PROC_H_ |
6 #define NET_CERT_CERT_VERIFY_PROC_H_ | 6 #define NET_CERT_CERT_VERIFY_PROC_H_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
11 #include "base/feature_list.h" | 11 #include "base/feature_list.h" |
12 #include "base/gtest_prod_util.h" | 12 #include "base/gtest_prod_util.h" |
13 #include "base/macros.h" | 13 #include "base/macros.h" |
14 #include "base/memory/ref_counted.h" | 14 #include "base/memory/ref_counted.h" |
15 #include "net/base/net_export.h" | 15 #include "net/base/net_export.h" |
16 #include "net/cert/x509_cert_types.h" | 16 #include "net/cert/x509_cert_types.h" |
| 17 #include "net/cert/x509_certificate.h" |
17 | 18 |
18 namespace net { | 19 namespace net { |
19 | 20 |
20 class CertVerifyResult; | 21 class CertVerifyResult; |
21 class CRLSet; | 22 class CRLSet; |
22 class X509Certificate; | 23 class X509Certificate; |
23 typedef std::vector<scoped_refptr<X509Certificate> > CertificateList; | 24 typedef std::vector<scoped_refptr<X509Certificate> > CertificateList; |
24 | 25 |
25 // Class to perform certificate path building and verification for various | 26 // Class to perform certificate path building and verification for various |
26 // certificate uses. All methods of this class must be thread-safe, as they | 27 // certificate uses. All methods of this class must be thread-safe, as they |
(...skipping 100 matching lines...)
127 // (i.e. by 1 July 2019). | 128 // (i.e. by 1 July 2019). |
128 static bool HasTooLongValidity(const X509Certificate& cert); | 129 static bool HasTooLongValidity(const X509Certificate& cert); |
129 | 130 |
130 // Emergency kill-switch for SHA-1 deprecation. Disabled by default. | 131 // Emergency kill-switch for SHA-1 deprecation. Disabled by default. |
131 static const base::Feature kSHA1LegacyMode; | 132 static const base::Feature kSHA1LegacyMode; |
132 const bool sha1_legacy_mode_enabled; | 133 const bool sha1_legacy_mode_enabled; |
133 | 134 |
134 DISALLOW_COPY_AND_ASSIGN(CertVerifyProc); | 135 DISALLOW_COPY_AND_ASSIGN(CertVerifyProc); |
135 }; | 136 }; |
136 | 137 |
| 138 // Sets the weak signature hash fields of |verify_result| to true if |
| 139 // applicable for |cert|, otherwise does not modify them. |
| 140 // |
| 141 // The fields in question are: |has_md2|, |has_md4|, |has_md5|,|has_sha1| and |
| 142 // |has_sha1_leaf|. |
| 143 // |
| 144 // Returns the hash algorithm that was determined for |cert|. |
| 145 // |
| 146 // This function is intended to be used as a helper by platform-specific |
| 147 // CertVerifyProc implementations. |
| 148 X509Certificate::SignatureHashAlgorithm FillCertVerifyResultWeakSignature( |
| 149 X509Certificate::OSCertHandle cert, |
| 150 bool is_leaf, |
| 151 CertVerifyResult* verify_result); |
| 152 |
137 } // namespace net | 153 } // namespace net |
138 | 154 |
139 #endif // NET_CERT_CERT_VERIFY_PROC_H_ | 155 #endif // NET_CERT_CERT_VERIFY_PROC_H_ |
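Review bot: The comment on `FillCertVerifyResultWeakSignature` (new lines 138-147) leaves `is_leaf` undocumented and does not say what is returned, or whether any field is touched, when the signature algorithm of |cert| cannot be determined or is not one of the listed hashes. Platform verifiers will rely on this helper to flag MD2/MD4/MD5/SHA-1 chains, so a caller needs to know whether an unrecognised algorithm leaves every flag untouched; that is presumably the behaviour, but the definition is not part of this file. If it matches the implementation, I would add `// |is_leaf| should be true only for the end-entity certificate; it determines whether |has_sha1_leaf| is set.`, plus one sentence stating the return value for an undetermined algorithm. Separately, with `net/cert/x509_certificate.h` now included for the nested types, the forward declaration `class X509Certificate;` at new line 23 is redundant and could be dropped.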