Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(351)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/crl_set.h

Issue 266243004: Clang format slam. Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« net/base/mime_util_unittest.cc ('K') | « net/cert/cert_verify_result.h ('k') | net/cert/crl_set.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_CERT_CRL_SET_H_ 5 #ifndef NET_CERT_CRL_SET_H_
6 #define NET_CERT_CRL_SET_H_ 6 #define NET_CERT_CRL_SET_H_
7 7
8 #include <map> 8 #include <map>
9 #include <string> 9 #include <string>
10 #include <utility> 10 #include <utility>
(...skipping 16 matching lines...) Expand all
27 class NET_EXPORT CRLSet : public base::RefCountedThreadSafe<CRLSet> { 27 class NET_EXPORT CRLSet : public base::RefCountedThreadSafe<CRLSet> {
28 public: 28 public:
29 enum Result { 29 enum Result {
30 REVOKED, // the certificate should be rejected. 30 REVOKED, // the certificate should be rejected.
31 UNKNOWN, // the CRL for the certificate is not included in the set. 31 UNKNOWN, // the CRL for the certificate is not included in the set.
32 GOOD, // the certificate is not listed. 32 GOOD, // the certificate is not listed.
33 }; 33 };
34 34
35 // Parse parses the bytes in |data| and, on success, puts a new CRLSet in 35 // Parse parses the bytes in |data| and, on success, puts a new CRLSet in
36 // |out_crl_set| and returns true. 36 // |out_crl_set| and returns true.
37 static bool Parse(base::StringPiece data, 37 static bool Parse(base::StringPiece data, scoped_refptr<CRLSet>* out_crl_set);
38 scoped_refptr<CRLSet>* out_crl_set);
39 38
40 // CheckSPKI checks whether the given SPKI has been listed as blocked. 39 // CheckSPKI checks whether the given SPKI has been listed as blocked.
41 // spki_hash: the SHA256 of the SubjectPublicKeyInfo of the certificate. 40 // spki_hash: the SHA256 of the SubjectPublicKeyInfo of the certificate.
42 Result CheckSPKI(const base::StringPiece& spki_hash) const; 41 Result CheckSPKI(const base::StringPiece& spki_hash) const;
43 42
44 // CheckSerial returns the information contained in the set for a given 43 // CheckSerial returns the information contained in the set for a given
45 // certificate: 44 // certificate:
46 // serial_number: the serial number of the certificate 45 // serial_number: the serial number of the certificate
47 // issuer_spki_hash: the SHA256 of the SubjectPublicKeyInfo of the CRL 46 // issuer_spki_hash: the SHA256 of the SubjectPublicKeyInfo of the CRL
48 // signer 47 // signer
49 Result CheckSerial( 48 Result CheckSerial(const base::StringPiece& serial_number,
50 const base::StringPiece& serial_number, 49 const base::StringPiece& issuer_spki_hash) const;
51 const base::StringPiece& issuer_spki_hash) const;
52 50
53 // IsExpired returns true iff the current time is past the NotAfter time 51 // IsExpired returns true iff the current time is past the NotAfter time
54 // specified in the CRLSet. 52 // specified in the CRLSet.
55 bool IsExpired() const; 53 bool IsExpired() const;
56 54
57 // ApplyDelta returns a new CRLSet in |out_crl_set| that is the result of 55 // ApplyDelta returns a new CRLSet in |out_crl_set| that is the result of
58 // updating the current CRL set with the delta information in |delta_bytes|. 56 // updating the current CRL set with the delta information in |delta_bytes|.
59 bool ApplyDelta(const base::StringPiece& delta_bytes, 57 bool ApplyDelta(const base::StringPiece& delta_bytes,
60 scoped_refptr<CRLSet>* out_crl_set); 58 scoped_refptr<CRLSet>* out_crl_set);
61 59
62 // GetIsDeltaUpdate extracts the header from |bytes|, sets *is_delta to 60 // GetIsDeltaUpdate extracts the header from |bytes|, sets *is_delta to
63 // whether |bytes| is a delta CRL set or not and returns true. In the event 61 // whether |bytes| is a delta CRL set or not and returns true. In the event
64 // of a parse error, it returns false. 62 // of a parse error, it returns false.
65 static bool GetIsDeltaUpdate(const base::StringPiece& bytes, bool *is_delta); 63 static bool GetIsDeltaUpdate(const base::StringPiece& bytes, bool* is_delta);
66 64
67 // Serialize returns a string of bytes suitable for passing to Parse. Parsing 65 // Serialize returns a string of bytes suitable for passing to Parse. Parsing
68 // and serializing a CRLSet is a lossless operation - the resulting bytes 66 // and serializing a CRLSet is a lossless operation - the resulting bytes
69 // will be equal. 67 // will be equal.
70 std::string Serialize() const; 68 std::string Serialize() const;
71 69
72 // sequence returns the sequence number of this CRL set. CRL sets generated 70 // sequence returns the sequence number of this CRL set. CRL sets generated
73 // by the same source are given strictly monotonically increasing sequence 71 // by the same source are given strictly monotonically increasing sequence
74 // numbers. 72 // numbers.
75 uint32 sequence() const; 73 uint32 sequence() const;
76 74
77 // CRLList contains a list of (issuer SPKI hash, revoked serial numbers) 75 // CRLList contains a list of (issuer SPKI hash, revoked serial numbers)
78 // pairs. 76 // pairs.
79 typedef std::vector< std::pair<std::string, std::vector<std::string> > > 77 typedef std::vector<std::pair<std::string, std::vector<std::string> > >
80 CRLList; 78 CRLList;
81 79
82 // crls returns the internal state of this CRLSet. It should only be used in 80 // crls returns the internal state of this CRLSet. It should only be used in
83 // testing. 81 // testing.
84 const CRLList& crls() const; 82 const CRLList& crls() const;
85 83
86 // EmptyCRLSetForTesting returns a valid, but empty, CRLSet for unit tests. 84 // EmptyCRLSetForTesting returns a valid, but empty, CRLSet for unit tests.
87 static CRLSet* EmptyCRLSetForTesting(); 85 static CRLSet* EmptyCRLSetForTesting();
88 86
89 // ExpiredCRLSetForTesting returns a expired, empty CRLSet for unit tests. 87 // ExpiredCRLSetForTesting returns a expired, empty CRLSet for unit tests.
(...skipping 29 matching lines...) Expand all
119 // to identify a CRL by index. 117 // to identify a CRL by index.
120 std::map<std::string, size_t> crls_index_by_issuer_; 118 std::map<std::string, size_t> crls_index_by_issuer_;
121 // blocked_spkis_ contains the SHA256 hashes of SPKIs which are to be blocked 119 // blocked_spkis_ contains the SHA256 hashes of SPKIs which are to be blocked
122 // no matter where in a certificate chain they might appear. 120 // no matter where in a certificate chain they might appear.
123 std::vector<std::string> blocked_spkis_; 121 std::vector<std::string> blocked_spkis_;
124 }; 122 };
125 123
126 } // namespace net 124 } // namespace net
127 125
128 #endif // NET_CERT_CRL_SET_H_ 126 #endif // NET_CERT_CRL_SET_H_
OLDNEW
« net/base/mime_util_unittest.cc ('K') | « net/cert/cert_verify_result.h ('k') | net/cert/crl_set.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698