| OLD | NEW |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_CERT_INTERNAL_TRUST_STORE_H_ | 5 #ifndef NET_CERT_INTERNAL_TRUST_STORE_H_ |
| 6 #define NET_CERT_INTERNAL_TRUST_STORE_H_ | 6 #define NET_CERT_INTERNAL_TRUST_STORE_H_ |
| 7 | 7 |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "base/memory/ref_counted.h" | 10 #include "base/memory/ref_counted.h" |
| (...skipping 57 matching lines...) |
| 68 // initialized using the source certificate's subject and SPKI as usual, | 68 // initialized using the source certificate's subject and SPKI as usual, |
| 69 // however other parts of the certificate are applied as anchor constraints. | 69 // however other parts of the certificate are applied as anchor constraints. |
| 70 // | 70 // |
| 71 // The implementation matches the properties identified by RFC 5937, | 71 // The implementation matches the properties identified by RFC 5937, |
| 72 // resulting in the following hodgepodge of enforcement on the source | 72 // resulting in the following hodgepodge of enforcement on the source |
| 73 // certificate: | 73 // certificate: |
| 74 // | 74 // |
| 75 // * Signature: No | 75 // * Signature: No |
| 76 // * Validity (expiration): No | 76 // * Validity (expiration): No |
| 77 // * Key usage: No | 77 // * Key usage: No |
| 78 // * Extended key usage: No | 78 // * Extended key usage: Yes (not part of RFC 5937) |
| 79 // * Basic constraints: Yes, but only the pathlen (CA=false is accepted) | 79 // * Basic constraints: Yes, but only the pathlen (CA=false is accepted) |
| 80 // * Name constraints: Yes | 80 // * Name constraints: Yes |
| 81 // * Certificate policies: Not currently, TODO(crbug.com/634453) | 81 // * Certificate policies: Not currently, TODO(crbug.com/634453) |
| 82 // * inhibitAnyPolicy: Not currently, TODO(crbug.com/634453) | 82 // * inhibitAnyPolicy: Not currently, TODO(crbug.com/634453) |
| 83 // * PolicyConstraints: Not currently, TODO(crbug.com/634452) | 83 // * PolicyConstraints: Not currently, TODO(crbug.com/634452) |
| 84 // | 84 // |
| 85 // The presence of any other unrecognized extension marked as critical fails | 85 // The presence of any other unrecognized extension marked as critical fails |
| 86 // validation. | 86 // validation. |
| 87 static scoped_refptr<TrustAnchor> CreateFromCertificateWithConstraints( | 87 static scoped_refptr<TrustAnchor> CreateFromCertificateWithConstraints( |
| 88 scoped_refptr<ParsedCertificate> cert); | 88 scoped_refptr<ParsedCertificate> cert); |
| (...skipping 34 matching lines...) |
| 123 const scoped_refptr<ParsedCertificate>& cert, | 123 const scoped_refptr<ParsedCertificate>& cert, |
| 124 TrustAnchors* matches) const = 0; | 124 TrustAnchors* matches) const = 0; |
| 125 | 125 |
| 126 private: | 126 private: |
| 127 DISALLOW_COPY_AND_ASSIGN(TrustStore); | 127 DISALLOW_COPY_AND_ASSIGN(TrustStore); |
| 128 }; | 128 }; |
| 129 | 129 |
| 130 } // namespace net | 130 } // namespace net |
| 131 | 131 |
| 132 #endif // NET_CERT_INTERNAL_TRUST_STORE_H_ | 132 #endif // NET_CERT_INTERNAL_TRUST_STORE_H_ |
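Review bot: The comment above CreateFromCertificateWithConstraints is now internally inconsistent: new line 71 still says the implementation "matches the properties identified by RFC 5937", while new line 78 lists extended key usage as enforced and "not part of RFC 5937". I would reword the lead-in to `// The implementation enforces the properties identified by RFC 5937, plus` followed by `// extended key usage, resulting in the following enforcement on the source`. The EKU entry also leaves open what happens when the anchor certificate carries no EKU extension or asserts anyExtendedKeyUsage. The implementation is not visible on this page, so that behaviour should be confirmed and stated in the list, since callers rely on this comment to judge whether a purpose-restricted root stays restricted when loaded through this factory. The enclosing class begins in the skipped lines, so only the declaration and its comment were reviewed.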