summaryrefslogtreecommitdiffstats
path: root/net/socket/ssl_client_socket_nss.h
diff options
context:
space:
mode:
authoragl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-09-20 19:39:06 +0000
committeragl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-09-20 19:39:06 +0000
commitae780c8ff8cf7a6ee227beb8e7c6837f4933b02c (patch)
treeb452938a0277732cd8b3c55a191458ce2baaf3d1 /net/socket/ssl_client_socket_nss.h
parentfe2255a16ad2c2ffb6390c1ec9d6b6bc0ae9a708 (diff)
downloadchromium_src-ae780c8ff8cf7a6ee227beb8e7c6837f4933b02c.zip
chromium_src-ae780c8ff8cf7a6ee227beb8e7c6837f4933b02c.tar.gz
chromium_src-ae780c8ff8cf7a6ee227beb8e7c6837f4933b02c.tar.bz2
net: support side-pinning of public keys.
Side-pinning allows a site to pin to a public key that is both offline and not a CA public key (without owning an intermediate CA themselves). We do this by supporting a superfluous certificate in the chain which contains a P256 public key and ECDSA signature over the leaf SPKI. BUG=none TEST=net_unittests Review URL: http://codereview.chromium.org/7951005 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@101993 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/socket/ssl_client_socket_nss.h')
-rw-r--r--net/socket/ssl_client_socket_nss.h1
1 files changed, 1 insertions, 0 deletions
diff --git a/net/socket/ssl_client_socket_nss.h b/net/socket/ssl_client_socket_nss.h
index 88e8fde..0d0b342 100644
--- a/net/socket/ssl_client_socket_nss.h
+++ b/net/socket/ssl_client_socket_nss.h
@@ -219,6 +219,7 @@ class SSLClientSocketNSS : public SSLClientSocket {
// we used an SSLHostInfo's verification.
const CertVerifyResult* server_cert_verify_result_;
CertVerifyResult local_server_cert_verify_result_;
+ std::vector<SHA1Fingerprint> side_pinned_public_keys_;
int ssl_connection_status_;
// Stores client authentication information between ClientAuthHandler and
generated by cgit v1.1 at 2025-03-02 09:58:30 +0000