1// Copyright (c) 2013 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef NET_QUIC_CRYPTO_COMMON_CERT_SET_H_
6#define NET_QUIC_CRYPTO_COMMON_CERT_SET_H_
7
8#include "base/basictypes.h"
9#include "base/compiler_specific.h"
10#include "base/strings/string_piece.h"
11#include "net/base/net_export.h"
12#include "net/quic/crypto/crypto_protocol.h"
13
14namespace net {
15
16// CommonCertSets is an interface to an object that contains a number of common
17// certificate sets and can match against them.
18class NET_EXPORT_PRIVATE CommonCertSets {
19 public:
20  virtual ~CommonCertSets();
21
22  // GetInstanceQUIC returns the standard QUIC common certificate sets.
23  static const CommonCertSets* GetInstanceQUIC();
24
25  // GetCommonHashes returns a StringPiece containing the hashes of common sets
26  // supported by this object. The 64-bit hashes are concatenated in the
27  // StringPiece.
28  virtual base::StringPiece GetCommonHashes() const = 0;
29
30  // GetCert returns a specific certificate (at index |index|) in the common
31  // set identified by |hash|. If no such certificate is known, an empty
32  // StringPiece is returned.
33  virtual base::StringPiece GetCert(uint64 hash, uint32 index) const = 0;
34
35  // MatchCert tries to find |cert| in one of the common certificate sets
36  // identified by |common_set_hashes|. On success it puts the hash of the
37  // set in |out_hash|, the index of |cert| in the set in |out_index| and
38  // returns true. Otherwise it returns false.
39  virtual bool MatchCert(base::StringPiece cert,
40                         base::StringPiece common_set_hashes,
41                         uint64* out_hash,
42                         uint32* out_index) const = 0;
43};
44
45}  // namespace net
46
47#endif  // NET_QUIC_CRYPTO_COMMON_CERT_SET_H_
48