| // Copyright 2016 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #ifndef NET_CERT_INTERNAL_TRUST_STORE_H_ |
| #define NET_CERT_INTERNAL_TRUST_STORE_H_ |
| |
| #include <unordered_map> |
| #include <vector> |
| |
| #include "base/memory/ref_counted.h" |
| #include "base/strings/string_piece.h" |
| #include "net/base/net_export.h" |
| #include "net/cert/internal/parsed_certificate.h" |
| |
| namespace net { |
| |
| // Forward declaration only: this header uses der::Input solely as a |
| // const reference parameter, so the full definition is not needed here. |
| namespace der { |
| class Input; |
| } // namespace der |
| |
| // A very simple implementation of a TrustStore, which contains a set of |
| // trusted certificates, indexed by normalized subject name. |
| // |
| // NOTE(review): this header shows no checks applied to a certificate when it |
| // is added; presumably the caller decides what is trusted and the store only |
| // records it -- confirm against the implementation. |
| // NOTE(review): no locking is declared here; presumably the store must not be |
| // mutated while another thread performs lookups -- confirm with callers. |
| // |
| // TODO(mattm): convert this into an interface, provide implementations that |
| // interface with OS trust store. |
| class NET_EXPORT TrustStore { |
| public: |
| TrustStore(); |
| ~TrustStore(); |
| |
| // Empties the trust store, resetting it to original state. After this call |
| // no certificate is reported as trusted until anchors are added again. |
| void Clear(); |
| |
| // Adds a trusted certificate to the store. |anchor| is taken as a |
| // scoped_refptr, so the store can share ownership of the certificate. |
| // NOTE(review): handling of a null |anchor| and of an anchor that is already |
| // present is not visible in this header -- confirm before relying on either. |
| void AddTrustedCertificate(scoped_refptr<ParsedCertificate> anchor); |
| |
| // Returns the trust anchors that match |normalized_name| in |*matches|, if |
| // any. More than one anchor can share a subject, so several may be returned. |
| // NOTE(review): |normalized_name| presumably has to be normalized the same |
| // way as the stored subjects, otherwise an anchor would be missed; whether |
| // |*matches| is cleared or appended to is not visible here -- confirm. |
| void FindTrustAnchorsByNormalizedName(const der::Input& normalized_name, |
| ParsedCertificateList* matches) const; |
| |
| // Returns true if |cert| matches a certificate in the TrustStore. The result |
| // is marked WARN_UNUSED_RESULT: ignoring it discards the trust decision. |
| // NOTE(review): what counts as a match (whole certificate vs. selected |
| // fields) is decided in the implementation; confirm it is strict enough |
| // before treating a true result as "this exact certificate is an anchor". |
| bool IsTrustedCertificate(const ParsedCertificate* cert) const |
| WARN_UNUSED_RESULT; |
| |
| private: |
| // Multimap from normalized subject -> ParsedCertificate. |
| // The key is a base::StringPiece, i.e. a non-owning view of the bytes. |
| // NOTE(review): presumably each key points into storage owned by the |
| // ParsedCertificate held as the mapped value, which keeps the key valid for |
| // as long as the entry exists -- confirm where entries are inserted. |
| std::unordered_multimap<base::StringPiece, |
| scoped_refptr<ParsedCertificate>, |
| base::StringPieceHash> |
| anchors_; |
| |
| // The store is neither copyable nor assignable. |
| DISALLOW_COPY_AND_ASSIGN(TrustStore); |
| }; |
| |
| } // namespace net |
| |
| #endif // NET_CERT_INTERNAL_TRUST_STORE_H_ |