1// Copyright (c) 2013 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef CHROME_BROWSER_CHROMEOS_POLICY_POLICY_CERT_VERIFIER_H_ 6#define CHROME_BROWSER_CHROMEOS_POLICY_POLICY_CERT_VERIFIER_H_ 7 8#include "base/memory/scoped_ptr.h" 9#include "net/cert/cert_verifier.h" 10 11namespace net { 12class CertTrustAnchorProvider; 13} 14 15namespace policy { 16 17// Wraps a MultiThreadedCertVerifier to make it use the additional trust anchors 18// configured by the ONC user policy. 19class PolicyCertVerifier : public net::CertVerifier { 20 public: 21 // |profile| is a handle to the Profile whose request context makes use of 22 // this verified. This object can be created on the IO thread; the handle is 23 // only used on the UI thread, if it's still valid. 24 // |trust_anchor_provider| is used to retrieve the current list of trust 25 // anchors. 26 PolicyCertVerifier(void* profile, 27 net::CertTrustAnchorProvider* trust_anchor_provider); 28 virtual ~PolicyCertVerifier(); 29 30 // CertVerifier implementation: 31 // Note: |callback| can be null. 32 virtual int Verify(net::X509Certificate* cert, 33 const std::string& hostname, 34 int flags, 35 net::CRLSet* crl_set, 36 net::CertVerifyResult* verify_result, 37 const net::CompletionCallback& callback, 38 RequestHandle* out_req, 39 const net::BoundNetLog& net_log) OVERRIDE; 40 41 virtual void CancelRequest(RequestHandle req) OVERRIDE; 42 43 private: 44 void* profile_; 45 scoped_ptr<CertVerifier> delegate_; 46}; 47 48} // namespace policy 49 50#endif // CHROME_BROWSER_CHROMEOS_POLICY_POLICY_CERT_VERIFIER_H_ 51