1// Copyright (c) 2010 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef CHROME_BROWSER_SSL_SSL_POLICY_BACKEND_H_
6#define CHROME_BROWSER_SSL_SSL_POLICY_BACKEND_H_
7#pragma once
8
9#include <string>
10#include <vector>
11
12#include "base/basictypes.h"
13#include "base/string16.h"
14#include "net/base/x509_certificate.h"
15
16class NavigationController;
17class SSLHostState;
18
19class SSLPolicyBackend {
20 public:
21  explicit SSLPolicyBackend(NavigationController* controller);
22
23  // Records that a host has run insecure content.
24  void HostRanInsecureContent(const std::string& host, int pid);
25
26  // Returns whether the specified host ran insecure content.
27  bool DidHostRunInsecureContent(const std::string& host, int pid) const;
28
29  // Records that |cert| is permitted to be used for |host| in the future.
30  void DenyCertForHost(net::X509Certificate* cert, const std::string& host);
31
32  // Records that |cert| is not permitted to be used for |host| in the future.
33  void AllowCertForHost(net::X509Certificate* cert, const std::string& host);
34
35  // Queries whether |cert| is allowed or denied for |host|.
36  net::CertPolicy::Judgment QueryPolicy(
37      net::X509Certificate* cert, const std::string& host);
38
39 private:
40  // SSL state specific for each host.
41  SSLHostState* ssl_host_state_;
42
43  DISALLOW_COPY_AND_ASSIGN(SSLPolicyBackend);
44};
45
46#endif  // CHROME_BROWSER_SSL_SSL_POLICY_BACKEND_H_
47