Certificate Transparency: Code for unpacking EV cert hashes whitelist

Re-submission of https://codereview.chromium.org/462543002/ (note that the Fingerprint256 changes have been broken off to a separate change).

Note for the build cop: Please attempt to contact me if there's a need to roll back.

BUG=339128

Review URL: https://codereview.chromium.org/547603002

Cr-Commit-Position: refs/heads/master@{#301642}

1 files changed, 40 insertions, 0 deletions

diff --git a/net/cert/ct_ev_whitelist.h b/net/cert/ct_ev_whitelist.h
new file mode 100644
index 0000000..a12b9d5
--- /dev/null
+++ b/net/cert/ct_ev_whitelist.h
@@ -0,0 +1,40 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef NET_CERT_CT_EV_WHITELIST_H_
+#define NET_CERT_CT_EV_WHITELIST_H_
+
+#include <string>
+
+#include "base/memory/ref_counted.h"
+#include "net/base/net_export.h"
+
+namespace net {
+
+namespace ct {
+
+class NET_EXPORT EVCertsWhitelist
+    : public base::RefCountedThreadSafe<EVCertsWhitelist> {
+ public:
+  // Returns true if the |certificate_hash| appears in the EV certificate hashes
+  // whitelist.
+  virtual bool ContainsCertificateHash(
+      const std::string& certificate_hash) const = 0;
+
+  // Returns true if the global EV certificate hashes whitelist is non-empty,
+  // false otherwise.
+  virtual bool IsValid() const = 0;
+
+ protected:
+  virtual ~EVCertsWhitelist() {}
+
+ private:
+  friend class base::RefCountedThreadSafe<EVCertsWhitelist>;
+};
+
+}  // namespace ct
+
+}  // namespace net
+
+#endif  // NET_CERT_CT_EV_WHITELIST_H_