author | wtc@google.com <wtc@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2008-12-19 00:17:48 +0000 |
---|---|---|
committer | wtc@google.com <wtc@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2008-12-19 00:17:48 +0000 |
commit | 5b62083c99317965244123c031c707d53f0a03f1 (patch) | |
tree | 80d8d2b4811aeb65736101fdc88cfdc4a2c28ff3 /net/base/cert_verifier.h | |
parent | 349f6911964be4226312f970d038bdfc3339face (diff) | |
Add the CertVerifier class. It is based on the
HostResolver class. It's not being compiled yet.
R=eroman
BUG=3592
Review URL: http://codereview.chromium.org/14868
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@7280 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base/cert_verifier.h')
-rw-r--r-- | net/base/cert_verifier.h | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/net/base/cert_verifier.h b/net/base/cert_verifier.h
new file mode 100644
index 0000000..06f7cef
--- /dev/null
+++ b/net/base/cert_verifier.h
@@ -0,0 +1,65 @@
+// Copyright (c) 2008 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef NET_BASE_CERT_VERIFIER_H_
+#define NET_BASE_CERT_VERIFIER_H_
+
+#include <string>
+
+#include "base/basictypes.h"
+#include "base/ref_counted.h"
+#include "net/base/completion_callback.h"
+
+namespace net {
+
+class X509Certificate;
+
+// This class represents the task of verifying a certificate. It can only
+// verify a single certificate at a time, so if you need to verify multiple
+// certificates at the same time, you will need to allocate a CertVerifier
+// object for each certificate.
+//
+// TODO(wtc): This class is based on HostResolver. We should create a base
+// class for the common code between the two classes.
+//
+class CertVerifier {
+ public:
+ CertVerifier();
+
+ // If a completion callback is pending when the verifier is destroyed, the
+ // certificate verification is cancelled, and the completion callback will
+ // not be called.
+ ~CertVerifier();
+
+ // Verifies the given certificate against the given hostname. Returns OK if
+ // successful or an error code upon failure.
+ //
+ // The |cert_status| bitmask is always filled out regardless of the return
+ // value. If the certificate has multiple errors, the corresponding status
+ // flags are set in |cert_status|, and the error code for the most serious
+ // error is returned.
+ //
+ // If |rev_checking_enabled| is true, certificate revocation checking is
+ // performed.
+ //
+ // When callback is null, the operation completes synchronously.
+ //
+ // When callback is non-null, ERR_IO_PENDING is returned if the operation
+ // could not be completed synchronously, in which case the result code will
+ // be passed to the callback when available.
+ //
+ int Verify(X509Certificate* cert, const std::string& hostname,
+ bool rev_checking_enabled, int* cert_status,
+ CompletionCallback* callback);
+
+ private:
+ class Request;
+ friend class Request;
+ scoped_refptr<Request> request_;
+ DISALLOW_COPY_AND_ASSIGN(CertVerifier);
+};
+
+} // namespace net
+
+#endif // NET_BASE_CERT_VERIFIER_H_ |
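Review bot: The comment on `Verify()` does not say how long `|cert_status|` (and `|cert|`) must remain valid when ERR_IO_PENDING is returned, nor whether `*cert_status` can still be written after the verifier is destroyed and the request cancelled. The implementation is not part of this page, so this is inferred from the interface: if the result is stored through a raw `int*` on completion, a caller that frees the status word early, or destroys the verifier while a request is in flight, risks a stale write or a read of an unfilled status. I would add to the comment something like `// In the asynchronous case |cert_status| must remain valid until the callback runs or the CertVerifier is destroyed; after destruction it is not written.` Since the class holds a single `request_`, the comment should also state what `Verify()` does if called while a previous request is still pending.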