OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_CERT_X509_CERTIFICATE_H_ | 5 #ifndef NET_CERT_X509_CERTIFICATE_H_ |
6 #define NET_CERT_X509_CERTIFICATE_H_ | 6 #define NET_CERT_X509_CERTIFICATE_H_ |
7 | 7 |
8 #include <stddef.h> | 8 #include <stddef.h> |
9 #include <string.h> | 9 #include <string.h> |
10 | 10 |
185 const CertPrincipal& issuer() const { return issuer_; } | 185 const CertPrincipal& issuer() const { return issuer_; } |
186 | 186 |
187 // Time period during which the certificate is valid. More precisely, this | 187 // Time period during which the certificate is valid. More precisely, this |
188 // certificate is invalid before the |valid_start| date and invalid after | 188 // certificate is invalid before the |valid_start| date and invalid after |
189 // the |valid_expiry| date. | 189 // the |valid_expiry| date. |
190 // If we were unable to parse either date from the certificate (or if the cert | 190 // If we were unable to parse either date from the certificate (or if the cert |
191 // lacks either date), the date will be null (i.e., is_null() will be true). | 191 // lacks either date), the date will be null (i.e., is_null() will be true). |
192 const base::Time& valid_start() const { return valid_start_; } | 192 const base::Time& valid_start() const { return valid_start_; } |
193 const base::Time& valid_expiry() const { return valid_expiry_; } | 193 const base::Time& valid_expiry() const { return valid_expiry_; } |
194 | 194 |
195 // Gets the DNS names in the certificate. Pursuant to RFC 2818, Section 3.1 | 195 // Gets the DNS names in the certificate. Pursuant to RFC 2818, Section 3.1 |
196 // Server Identity, if the certificate has a subjectAltName extension of | 196 // Server Identity, if the certificate has a subjectAltName extension of |
197 // type dNSName, this method gets the DNS names in that extension. | 197 // type dNSName, this method gets the DNS names in that extension. |
198 // Otherwise, it gets the common name in the subject field. | 198 // Otherwise, it gets the common name in the subject field. |
| 199 // |
| 200 // Note: Chrome has deprecated fallback to the subject field, see |
| 201 // https://crbug.com/308330; prefer GetSubjectAltName() instead. |
199 void GetDNSNames(std::vector<std::string>* dns_names) const; | 202 void GetDNSNames(std::vector<std::string>* dns_names) const; |
200 | 203 |
201 // Gets the subjectAltName extension field from the certificate, if any. | 204 // Gets the subjectAltName extension field from the certificate, if any. |
202 // For future extension; currently this only returns those name types that | 205 // For future extension; currently this only returns those name types that |
203 // are required for HTTP certificate name verification - see VerifyHostname. | 206 // are required for HTTP certificate name verification - see VerifyHostname. |
204 // Returns true if any dNSName or iPAddress SAN was present. If |dns_names| | 207 // Returns true if any dNSName or iPAddress SAN was present. If |dns_names| |
205 // is non-null, it will be set to all dNSNames present. If |ip_addrs| is | 208 // is non-null, it will be set to all dNSNames present. If |ip_addrs| is |
206 // non-null, it will be set to all iPAddresses present. | 209 // non-null, it will be set to all iPAddresses present. |
207 bool GetSubjectAltName(std::vector<std::string>* dns_names, | 210 bool GetSubjectAltName(std::vector<std::string>* dns_names, |
208 std::vector<std::string>* ip_addrs) const; | 211 std::vector<std::string>* ip_addrs) const; |
451 // Untrusted intermediate certificates associated with this certificate | 454 // Untrusted intermediate certificates associated with this certificate |
452 // that may be needed for chain building. | 455 // that may be needed for chain building. |
453 OSCertHandles intermediate_ca_certs_; | 456 OSCertHandles intermediate_ca_certs_; |
454 | 457 |
455 DISALLOW_COPY_AND_ASSIGN(X509Certificate); | 458 DISALLOW_COPY_AND_ASSIGN(X509Certificate); |
456 }; | 459 }; |
457 | 460 |
458 } // namespace net | 461 } // namespace net |
459 | 462 |
460 #endif // NET_CERT_X509_CERTIFICATE_H_ | 463 #endif // NET_CERT_X509_CERTIFICATE_H_ |
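Review bot: The note added at new lines 199-201 points callers to GetSubjectAltName() without saying what is unsafe about GetDNSNames(), and the sentence just above it still documents the common-name fallback as current behaviour. Per that comment, a caller that uses the returned names for an identity or policy decision would treat the subject CN of a certificate with no dNSName SAN as a DNS name; the implementation is not visible in this header, so this should be confirmed against the definition. I would state the consequence directly, e.g. `// Note: this method still returns the subject common name when no dNSName SAN is present; do not use its output for hostname matching.` It is also worth saying that GetSubjectAltName() reports iPAddress entries in a separate vector and returns false when neither name type is present, so migrating callers should handle the empty case rather than re-adding a CN fallback of their own.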