OLD | NEW |
---|---|
(Empty) | |
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #ifndef NET_CERT_MULTI_LOG_CT_VERIFIER_H_ | |
6 #define NET_CERT_MULTI_LOG_CT_VERIFIER_H_ | |
7 | |
8 #include <string> | |
9 | |
10 #include "base/memory/scoped_ptr.h" | |
11 #include "base/memory/scoped_vector.h" | |
12 #include "net/base/net_export.h" | |
13 #include "net/cert/ct_verifier.h" | |
14 #include "net/cert/signed_certificate_timestamp.h" | |
15 | |
16 namespace net { | |
17 | |
18 namespace ct { | |
19 struct LogEntry; | |
20 } // namespace ct | |
21 | |
22 class CTLogVerifier; | |
23 | |
24 class NET_EXPORT MultiLogCTVerifier : public CTVerifier { | |
Ryan Sleevi
2013/11/20 01:09:42
Style Nit: Please add documentation about this cla
Eran M. (Google)
2013/11/20 19:45:06
Done, in the header file.
| |
25 public: | |
26 explicit MultiLogCTVerifier(scoped_ptr<CTLogVerifier> log_verifier); | |
Ryan Sleevi
2013/11/20 01:09:42
API design: Why use two different methods for addi
Eran M. (Google)
2013/11/20 19:45:06
Good point, left AddLog and removed the argument f
| |
27 virtual ~MultiLogCTVerifier(); | |
28 | |
29 virtual void AddLog(scoped_ptr<CTLogVerifier> log_verifier); | |
Ryan Sleevi
2013/11/20 01:09:42
Why does this need to be virtual?
Eran M. (Google)
2013/11/20 19:45:06
Does not - removed virtual qualifier.
Eran M. (Google)
2013/11/20 19:45:06
Does not - removed.
| |
30 // CTVerifier implementation: | |
Ryan Sleevi
2013/11/20 01:09:42
nit: newline before the comment
Eran M. (Google)
2013/11/20 19:45:06
Done.
| |
31 virtual int Verify(X509Certificate* verified_cert, | |
32 const std::string& sct_list_from_ocsp, | |
33 const std::string& sct_list_from_tls_handshake, | |
34 ct::CTVerifyResult* result, | |
35 const CompletionCallback& callback, | |
36 const BoundNetLog& net_log) OVERRIDE; | |
37 | |
38 private: | |
39 MultiLogCTVerifier(); | |
40 | |
41 // Verify a list of SCTs from |encoded_sct_list|, placing the verification | |
42 // results in |result|. Fills in the origin field of each SCT from | |
43 // |origin|. | |
44 bool VerifySCTs(const std::string& encoded_sct_list, | |
45 const ct::LogEntry& expected_entry, | |
46 ct::SignedCertificateTimestamp::Origin origin, | |
47 ct::CTVerifyResult* result); | |
48 | |
49 // Verifies a single, parsed SCT against all logs. | |
50 bool VerifySingleSCT( | |
51 const ct::SignedCertificateTimestamp& sct, | |
52 const ct::LogEntry& expected_entry, | |
53 ct::CTVerifyResult* result); | |
54 | |
55 ScopedVector<CTLogVerifier> logs_; | |
Ryan Sleevi
2013/11/20 01:09:42
API design: Why a vector, when every CTLogVerifier
Eran M. (Google)
2013/11/20 19:45:06
Good point - a map would make more sense here.
As
| |
56 | |
57 DISALLOW_COPY_AND_ASSIGN(MultiLogCTVerifier); | |
58 }; | |
59 | |
60 } // namespace net | |
61 | |
62 #endif // NET_CERT_MULTI_LOG_CT_VERIFIER_H_ | |
OLD | NEW |