OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 #ifndef NET_CERT_CERT_POLICY_ENFORCER_H | |
5 #define NET_CERT_CERT_POLICY_ENFORCER_H | |
6 | |
7 #include <stdint.h> | |
8 | |
9 #include "net/base/net_export.h" | |
10 | |
11 namespace net { | |
12 | |
13 namespace ct { | |
14 struct CTVerifyResult; | |
15 } // namespace ct | |
16 | |
17 class X509Certificate; | |
18 | |
19 class NET_EXPORT CertPolicyEnforcer { | |
Ryan Sleevi
2014/10/22 19:48:35
Document
Eran Messeri
2014/10/24 12:12:35
Done.
| |
20 public: | |
21 explicit CertPolicyEnforcer(uint32_t num_ct_logs); | |
Ryan Sleevi
2014/10/22 19:48:35
Document
Eran Messeri
2014/10/24 12:12:35
Done.
| |
22 virtual ~CertPolicyEnforcer(); | |
23 | |
24 // Returns true if the collection of SCTs for the given certificate | |
25 // conforms with the CT/EV policy, false otherwise. | |
26 // |cert| is the certificate for which the SCTs apply (this is needed | |
27 // to determine the certificate's lifetime). | |
28 // |ct_result| is the CTVerifyResult filled in by the Verify call. | |
29 bool DoesConformToCTEVPolicy(X509Certificate* cert, | |
30 const ct::CTVerifyResult& ct_result); | |
31 | |
32 // Sets enforcement of the CT/EV Policy. | |
33 // TODO(eranm): Remove this for M41. | |
34 static void SetEnforceCTEVPolicy(bool enforce_policy); | |
Ryan Sleevi
2014/10/22 19:48:35
Why is this a static? Why is this just not an arti
Eran Messeri
2014/10/24 12:12:35
Removed in favour of a c'tor parameter.
| |
35 | |
36 private: | |
37 uint8_t num_ct_logs_; | |
Ryan Sleevi
2014/10/22 19:48:35
STYLE: Why these data type conversions? See http:/
Eran Messeri
2014/10/24 12:12:35
Done.
| |
38 }; | |
39 | |
40 } // namespace net | |
41 | |
42 #endif // NET_CERT_CERT_POLICY_ENFORCER_H | |
OLD | NEW |