ct_verifier.h revision f2477e01787aa58f445919b809d89e252beef54f
1f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)// Copyright 2013 The Chromium Authors. All rights reserved. 2f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 3f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)// found in the LICENSE file. 4f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 5f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#ifndef NET_CERT_CT_VERIFIER_H_ 6f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#define NET_CERT_CT_VERIFIER_H_ 7f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 8f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include "net/base/net_export.h" 9f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 10f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)namespace net { 11f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 12f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)namespace ct { 13f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)struct CTVerifyResult; 14f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)} // namespace ct 15f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 16f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)class X509Certificate; 17f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 18f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)// Interface for verifying Signed Certificate Timestamps over a certificate. 19f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)class NET_EXPORT CTVerifier { 20f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) public: 21f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) virtual ~CTVerifier() {} 22f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 23f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Verifies either embedded SCTs or SCTs obtained via the 24f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // signed_certificate_timestamp TLS extension or OCSP on the given |cert| 25f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // |result| will be filled with these SCTs, divided into categories based on 26f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // the verification result. 27f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) virtual int Verify(X509Certificate* cert, 28f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) const std::string& sct_list_from_ocsp, 29f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) const std::string& sct_list_from_tls_extension, 30f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) ct::CTVerifyResult* result) = 0; 31f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 32f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)}; 33f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 34f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)} // namespace net 35f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 36f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#endif // NET_CERT_CT_VERIFIER_H_ 37