Index: net/cert/cert_policy_enforcer.h |
diff --git a/net/cert/cert_policy_enforcer.h b/net/cert/cert_policy_enforcer.h |
new file mode 100644 |
index 0000000000000000000000000000000000000000..c8e03acfc534f60e9459bd297d8afa53f8bfc74c |
--- /dev/null |
+++ b/net/cert/cert_policy_enforcer.h |
@@ -0,0 +1,42 @@ |
+// Copyright 2014 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+#ifndef NET_CERT_CERT_POLICY_ENFORCER_H |
+#define NET_CERT_CERT_POLICY_ENFORCER_H |
+ |
+#include <stdint.h> |
+ |
+#include "net/base/net_export.h" |
+ |
+namespace net { |
+ |
+namespace ct { |
+struct CTVerifyResult; |
+} // namespace ct |
+ |
+class X509Certificate; |
+ |
+class NET_EXPORT CertPolicyEnforcer { |
Ryan Sleevi
2014/10/22 19:48:35
Document
Eran Messeri
2014/10/24 12:12:35
Done.
|
+ public: |
+ explicit CertPolicyEnforcer(uint32_t num_ct_logs); |
Ryan Sleevi
2014/10/22 19:48:35
Document
Eran Messeri
2014/10/24 12:12:35
Done.
|
+ virtual ~CertPolicyEnforcer(); |
+ |
+ // Returns true if the collection of SCTs for the given certificate |
+ // conforms with the CT/EV policy, false otherwise. |
+ // |cert| is the certificate for which the SCTs apply (this is needed |
+ // to determine the certificate's lifetime). |
+ // |ct_result| is the CTVerifyResult filled in by the Verify call. |
+ bool DoesConformToCTEVPolicy(X509Certificate* cert, |
+ const ct::CTVerifyResult& ct_result); |
+ |
+ // Sets enforcement of the CT/EV Policy. |
+ // TODO(eranm): Remove this for M41. |
+ static void SetEnforceCTEVPolicy(bool enforce_policy); |
Ryan Sleevi
2014/10/22 19:48:35
Why is this a static? Why is this just not an arti
Eran Messeri
2014/10/24 12:12:35
Removed in favour of a c'tor parameter.
|
+ |
+ private: |
+ uint8_t num_ct_logs_; |
Ryan Sleevi
2014/10/22 19:48:35
STYLE: Why these data type conversions? See http:/
Eran Messeri
2014/10/24 12:12:35
Done.
|
+}; |
+ |
+} // namespace net |
+ |
+#endif // NET_CERT_CERT_POLICY_ENFORCER_H |