net/cert/internal/path_builder.h - Issue 2898303005: Wire up certificate policies support in PathBuilder.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/cert/internal/path_builder.h

Issue 2898303005: Wire up certificate policies support in PathBuilder. (Closed)

Patch Set: remove extra space Created 3 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/cert/internal/path_builder.h

diff --git a/net/cert/internal/path_builder.h b/net/cert/internal/path_builder.h

index 5860ed763d6decb411faa9bf6596a20a20e05b7d..2dcaa6836fe097df27b8618a2f50e409b3466677 100644

--- a/net/cert/internal/path_builder.h

+++ b/net/cert/internal/path_builder.h

@@ -78,6 +78,10 @@ class NET_EXPORT CertPathBuilder {

// |path.trust_anchor| may be null, and the path may be incomplete.

CertPath path;

+ // The set of policies that the certificate is valid for (of the

+ // subset of policies user requested during verification).

+ std::set<der::Input> user_constrained_policy_set;

// The errors/warnings from this path. Use |IsValid()| to determine if the

// path is valid.

CertPathErrors errors;

@@ -120,11 +124,18 @@ class NET_EXPORT CertPathBuilder {

// for the lifetime of the CertPathBuilder.

+ //

+ // See VerifyCertificateChain() for a more detailed explanation of the

+ // same-named parameters.

CertPathBuilder(scoped_refptr<ParsedCertificate> cert,

TrustStore* trust_store,

const SignaturePolicy* signature_policy,

const der::GeneralizedTime& time,

KeyPurpose key_purpose,

+ InitialExplicitPolicy initial_explicit_policy,

+ const std::set<der::Input>& user_initial_policy_set,

+ InitialPolicyMappingInhibit initial_policy_mapping_inhibit,

+ InitialAnyPolicyInhibit initial_any_policy_inhibit,

Result* result);

~CertPathBuilder();

@@ -160,6 +171,10 @@ class NET_EXPORT CertPathBuilder {

const SignaturePolicy* signature_policy_;

const der::GeneralizedTime time_;

const KeyPurpose key_purpose_;

+ const InitialExplicitPolicy initial_explicit_policy_;

+ const std::set<der::Input> user_initial_policy_set_;

+ const InitialPolicyMappingInhibit initial_policy_mapping_inhibit_;

+ const InitialAnyPolicyInhibit initial_any_policy_inhibit_;

// Stores the next complete path to attempt verification on. This is filled in

// by |cert_path_iter_| during the STATE_GET_NEXT_PATH step, and thus should

« no previous file with comments | « net/cert/cert_verify_proc_builtin.cc ('k') | net/cert/internal/path_builder.cc » ('j') | no next file with comments »