summaryrefslogtreecommitdiffstats
path: root/net/socket/dns_cert_provenance_checker.h
diff options
context:
space:
mode:
Diffstat (limited to 'net/socket/dns_cert_provenance_checker.h')
-rw-r--r--net/socket/dns_cert_provenance_checker.h63
1 files changed, 0 insertions, 63 deletions
diff --git a/net/socket/dns_cert_provenance_checker.h b/net/socket/dns_cert_provenance_checker.h
deleted file mode 100644
index e6a41ae..0000000
--- a/net/socket/dns_cert_provenance_checker.h
+++ /dev/null
@@ -1,63 +0,0 @@
-// Copyright (c) 2011 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#ifndef NET_SOCKET_DNS_CERT_PROVENANCE_CHECKER_H
-#define NET_SOCKET_DNS_CERT_PROVENANCE_CHECKER_H
-
-#include <string>
-#include <vector>
-
-#include "base/string_piece.h"
-#include "net/base/net_export.h"
-
-namespace net {
-
-class DnsRRResolver;
-
-// DnsCertProvenanceChecker is an interface for asynchronously checking HTTPS
-// certificates via a DNS side-channel.
-class NET_EXPORT DnsCertProvenanceChecker {
- public:
- class NET_EXPORT Delegate {
- public:
- virtual ~Delegate();
-
- virtual void OnDnsCertLookupFailed(
- const std::string& hostname,
- const std::vector<std::string>& der_certs) = 0;
- };
-
- virtual ~DnsCertProvenanceChecker();
-
- virtual void Shutdown() = 0;
-
- // DoAsyncVerification starts an asynchronous check for the given certificate
- // chain. It must be run on the network thread.
- virtual void DoAsyncVerification(
- const std::string& hostname,
- const std::vector<base::StringPiece>& der_certs) = 0;
-
-
- protected:
- // DoAsyncLookup performs a DNS lookup for the given name and certificate
- // chain. In the event that the lookup reports a failure, the Delegate is
- // called back.
- static void DoAsyncLookup(
- const std::string& hostname,
- const std::vector<base::StringPiece>& der_certs,
- DnsRRResolver* dnsrr_resolver,
- Delegate* delegate);
-
- // BuildEncryptedRecord encrypts the certificate chain to a fixed public key
- // and returns the encrypted blob. Since this code is reporting a possible
- // HTTPS failure, it would seem silly to use HTTPS to protect the uploaded
- // report.
- static std::string BuildEncryptedReport(
- const std::string& hostname,
- const std::vector<std::string>& der_certs);
-};
-
-} // namespace net
-
-#endif // NET_SOCKET_DNS_CERT_PROVENANCE_CHECK_H
generated by cgit v1.1 at 2025-02-01 00:04:05 +0000