OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_CERT_X509_CERTIFICATE_H_ | 5 #ifndef NET_CERT_X509_CERTIFICATE_H_ |
6 #define NET_CERT_X509_CERTIFICATE_H_ | 6 #define NET_CERT_X509_CERTIFICATE_H_ |
7 | 7 |
8 #include <stddef.h> | 8 #include <stddef.h> |
9 #include <string.h> | 9 #include <string.h> |
10 | 10 |
(...skipping 170 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
181 const CertPrincipal& issuer() const { return issuer_; } | 181 const CertPrincipal& issuer() const { return issuer_; } |
182 | 182 |
183 // Time period during which the certificate is valid. More precisely, this | 183 // Time period during which the certificate is valid. More precisely, this |
184 // certificate is invalid before the |valid_start| date and invalid after | 184 // certificate is invalid before the |valid_start| date and invalid after |
185 // the |valid_expiry| date. | 185 // the |valid_expiry| date. |
186 // If we were unable to parse either date from the certificate (or if the cert | 186 // If we were unable to parse either date from the certificate (or if the cert |
187 // lacks either date), the date will be null (i.e., is_null() will be true). | 187 // lacks either date), the date will be null (i.e., is_null() will be true). |
188 const base::Time& valid_start() const { return valid_start_; } | 188 const base::Time& valid_start() const { return valid_start_; } |
189 const base::Time& valid_expiry() const { return valid_expiry_; } | 189 const base::Time& valid_expiry() const { return valid_expiry_; } |
190 | 190 |
191 // Gets the DNS names in the certificate. Pursuant to RFC 2818, Section 3.1 | 191 // Gets the DNS names in the certificate. Pursuant to RFC 2818, Section 3.1 |
192 // Server Identity, if the certificate has a subjectAltName extension of | 192 // Server Identity, if the certificate has a subjectAltName extension of |
193 // type dNSName, this method gets the DNS names in that extension. | 193 // type dNSName, this method gets the DNS names in that extension. |
194 // Otherwise, it gets the common name in the subject field. | 194 // Otherwise, it gets the common name in the subject field. |
| 195 // |
| 196 // Note: Chrome has deprecated fallback to the subject field, see |
| 197 // https://crbug.com/308330; prefer GetSubjectAltName() instead. |
195 void GetDNSNames(std::vector<std::string>* dns_names) const; | 198 void GetDNSNames(std::vector<std::string>* dns_names) const; |
196 | 199 |
197 // Gets the subjectAltName extension field from the certificate, if any. | 200 // Gets the subjectAltName extension field from the certificate, if any. |
198 // For future extension; currently this only returns those name types that | 201 // For future extension; currently this only returns those name types that |
199 // are required for HTTP certificate name verification - see VerifyHostname. | 202 // are required for HTTP certificate name verification - see VerifyHostname. |
200 // Returns true if any dNSName or iPAddress SAN was present. If |dns_names| | 203 // Returns true if any dNSName or iPAddress SAN was present. If |dns_names| |
201 // is non-null, it will be set to all dNSNames present. If |ip_addrs| is | 204 // is non-null, it will be set to all dNSNames present. If |ip_addrs| is |
202 // non-null, it will be set to all iPAddresses present. | 205 // non-null, it will be set to all iPAddresses present. |
203 bool GetSubjectAltName(std::vector<std::string>* dns_names, | 206 bool GetSubjectAltName(std::vector<std::string>* dns_names, |
204 std::vector<std::string>* ip_addrs) const; | 207 std::vector<std::string>* ip_addrs) const; |
(...skipping 245 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
450 // Untrusted intermediate certificates associated with this certificate | 453 // Untrusted intermediate certificates associated with this certificate |
451 // that may be needed for chain building. | 454 // that may be needed for chain building. |
452 OSCertHandles intermediate_ca_certs_; | 455 OSCertHandles intermediate_ca_certs_; |
453 | 456 |
454 DISALLOW_COPY_AND_ASSIGN(X509Certificate); | 457 DISALLOW_COPY_AND_ASSIGN(X509Certificate); |
455 }; | 458 }; |
456 | 459 |
457 } // namespace net | 460 } // namespace net |
458 | 461 |
459 #endif // NET_CERT_X509_CERTIFICATE_H_ | 462 #endif // NET_CERT_X509_CERTIFICATE_H_ |
OLD | NEW |