OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_CERT_X509_UTIL_H_ | 5 #ifndef NET_CERT_X509_UTIL_H_ |
6 #define NET_CERT_X509_UTIL_H_ | 6 #define NET_CERT_X509_UTIL_H_ |
7 | 7 |
8 #include <stdint.h> | 8 #include <stdint.h> |
9 | 9 |
10 #include <memory> | 10 #include <memory> |
(...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
79 // OS primitives. This is useful in sandboxed processes. | 79 // OS primitives. This is useful in sandboxed processes. |
80 NET_EXPORT bool ParseCertificateSandboxed( | 80 NET_EXPORT bool ParseCertificateSandboxed( |
81 const base::StringPiece& certificate, | 81 const base::StringPiece& certificate, |
82 std::string* subject, | 82 std::string* subject, |
83 std::string* issuer, | 83 std::string* issuer, |
84 base::Time* not_before, | 84 base::Time* not_before, |
85 base::Time* not_after, | 85 base::Time* not_after, |
86 std::vector<std::string>* dns_names, | 86 std::vector<std::string>* dns_names, |
87 std::vector<std::string>* ip_addresses); | 87 std::vector<std::string>* ip_addresses); |
88 | 88 |
89 // Comparator for use in STL algorithms that will sort client certificates by | |
90 // order of preference. | |
91 // Returns true if |a| is more preferable than |b|, allowing it to be used | |
92 // with any algorithm that compares according to strict weak ordering. | |
93 // | |
94 // Criteria include: | |
95 // - Prefer certificates that have a longer validity period (later | |
96 // expiration dates) | |
97 // - If equal, prefer certificates that were issued more recently | |
98 // - If equal, prefer shorter chains (if available) | |
99 class NET_EXPORT_PRIVATE ClientCertSorter { | |
100 public: | |
101 ClientCertSorter(); | |
102 | |
103 bool operator()( | |
104 const scoped_refptr<X509Certificate>& a, | |
105 const scoped_refptr<X509Certificate>& b) const; | |
106 | |
107 private: | |
108 base::Time now_; | |
109 }; | |
110 | |
111 // Returns a CRYPTO_BUFFER_POOL for deduplicating certificates. | 89 // Returns a CRYPTO_BUFFER_POOL for deduplicating certificates. |
112 NET_EXPORT CRYPTO_BUFFER_POOL* GetBufferPool(); | 90 NET_EXPORT CRYPTO_BUFFER_POOL* GetBufferPool(); |
113 | 91 |
114 // Creates a CRYPTO_BUFFER in the same pool returned by GetBufferPool. | 92 // Creates a CRYPTO_BUFFER in the same pool returned by GetBufferPool. |
115 NET_EXPORT bssl::UniquePtr<CRYPTO_BUFFER> CreateCryptoBuffer( | 93 NET_EXPORT bssl::UniquePtr<CRYPTO_BUFFER> CreateCryptoBuffer( |
116 const uint8_t* data, | 94 const uint8_t* data, |
117 size_t length); | 95 size_t length); |
118 | 96 |
119 // Creates a CRYPTO_BUFFER in the same pool returned by GetBufferPool. | 97 // Creates a CRYPTO_BUFFER in the same pool returned by GetBufferPool. |
120 NET_EXPORT bssl::UniquePtr<CRYPTO_BUFFER> CreateCryptoBuffer( | 98 NET_EXPORT bssl::UniquePtr<CRYPTO_BUFFER> CreateCryptoBuffer( |
121 const base::StringPiece& data); | 99 const base::StringPiece& data); |
122 | 100 |
123 // Overload with no definition, to disallow creating a CRYPTO_BUFFER from a | 101 // Overload with no definition, to disallow creating a CRYPTO_BUFFER from a |
124 // char* due to StringPiece implicit ctor. | 102 // char* due to StringPiece implicit ctor. |
125 NET_EXPORT bssl::UniquePtr<CRYPTO_BUFFER> CreateCryptoBuffer( | 103 NET_EXPORT bssl::UniquePtr<CRYPTO_BUFFER> CreateCryptoBuffer( |
126 const char* invalid_data); | 104 const char* invalid_data); |
127 | 105 |
128 } // namespace x509_util | 106 } // namespace x509_util |
129 | 107 |
130 } // namespace net | 108 } // namespace net |
131 | 109 |
132 #endif // NET_CERT_X509_UTIL_H_ | 110 #endif // NET_CERT_X509_UTIL_H_ |
OLD | NEW |