Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(195)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/internal/path_builder.h

Issue 2759023002: Improvements to the net/cert/internal error handling. (Closed)
Patch Set: fix comment Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/cert/internal/cert_errors.cc ('k') | net/cert/internal/path_builder.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_CERT_INTERNAL_PATH_BUILDER_H_ 5 #ifndef NET_CERT_INTERNAL_PATH_BUILDER_H_
6 #define NET_CERT_INTERNAL_PATH_BUILDER_H_ 6 #define NET_CERT_INTERNAL_PATH_BUILDER_H_
7 7
8 #include <memory> 8 #include <memory>
9 #include <string> 9 #include <string>
10 #include <vector> 10 #include <vector>
(...skipping 29 matching lines...) Expand all
40 ~CertPath(); 40 ~CertPath();
41 41
42 scoped_refptr<TrustAnchor> trust_anchor; 42 scoped_refptr<TrustAnchor> trust_anchor;
43 43
44 // Path in the forward direction (path[0] is the target cert). 44 // Path in the forward direction (path[0] is the target cert).
45 ParsedCertificateList certs; 45 ParsedCertificateList certs;
46 46
47 // Resets the path to empty path (same as if default constructed). 47 // Resets the path to empty path (same as if default constructed).
48 void Clear(); 48 void Clear();
49 49
50 // Returns true if the path is empty. 50 // TODO(eroman): Can we remove this? Unclear on how this relates to validity.
51 bool IsEmpty() const; 51 bool IsEmpty() const;
52 }; 52 };
53 53
54 // Checks whether a certificate is trusted by building candidate paths to trust 54 // Checks whether a certificate is trusted by building candidate paths to trust
55 // anchors and verifying those paths according to RFC 5280. Each instance of 55 // anchors and verifying those paths according to RFC 5280. Each instance of
56 // CertPathBuilder is used for a single verification. 56 // CertPathBuilder is used for a single verification.
57 // 57 //
58 // WARNING: This implementation is currently experimental. Consult an OWNER 58 // WARNING: This implementation is currently experimental. Consult an OWNER
59 // before using it. 59 // before using it.
60 class NET_EXPORT CertPathBuilder { 60 class NET_EXPORT CertPathBuilder {
61 public: 61 public:
62 // Represents a single candidate path that was built. 62 // Represents a single candidate path that was built.
63 struct NET_EXPORT ResultPath { 63 struct NET_EXPORT ResultPath {
64 ResultPath(); 64 ResultPath();
65 ~ResultPath(); 65 ~ResultPath();
66 66
67 // Returns true if the candidate path is valid, false otherwise.
68 bool IsValid() const;
69
67 // The (possibly partial) certificate path. Consumers must always test 70 // The (possibly partial) certificate path. Consumers must always test
68 // |valid| before using |path|. When |!valid| path.trust_anchor may be 71 // |errors.IsValid()| before using |path|. When invalid,
69 // nullptr, and the path may be otherwise incomplete/invalid. 72 // |path.trust_anchor| may be null, and the path may be incomplete.
70 CertPath path; 73 CertPath path;
71 74
72 // The errors/warnings from this path. Note that the list of errors is 75 // The errors/warnings from this path. Use |IsValid()| to determine if the
73 // independent of whether the path was |valid| (a valid path may 76 // path is valid.
74 // contain errors/warnings, and vice versa an invalid path may not have 77 CertPathErrors errors;
75 // logged any errors).
76 CertErrors errors;
77
78 // True if |path| is a correct verified certificate chain.
79 bool valid = false;
80 }; 78 };
81 79
82 // Provides the overall result of path building. This includes the paths that 80 // Provides the overall result of path building. This includes the paths that
83 // were attempted. 81 // were attempted.
84 struct NET_EXPORT Result { 82 struct NET_EXPORT Result {
85 Result(); 83 Result();
86 ~Result(); 84 ~Result();
87 85
88 // Returns true if there was a valid path. 86 // Returns true if there was a valid path.
89 bool HasValidPath() const; 87 bool HasValidPath() const;
(...skipping 75 matching lines...) Expand 10 before | Expand all | Expand 10 after
165 State next_state_; 163 State next_state_;
166 164
167 Result* out_result_; 165 Result* out_result_;
168 166
169 DISALLOW_COPY_AND_ASSIGN(CertPathBuilder); 167 DISALLOW_COPY_AND_ASSIGN(CertPathBuilder);
170 }; 168 };
171 169
172 } // namespace net 170 } // namespace net
173 171
174 #endif // NET_CERT_INTERNAL_PATH_BUILDER_H_ 172 #endif // NET_CERT_INTERNAL_PATH_BUILDER_H_
OLDNEW
« no previous file with comments | « net/cert/internal/cert_errors.cc ('k') | net/cert/internal/path_builder.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698