1 // Copyright 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef IOS_WEB_PUBLIC_CERTIFICATE_POLICY_CACHE_H_
6 #define IOS_WEB_PUBLIC_CERTIFICATE_POLICY_CACHE_H_
8 #include <map>
9 #include <string>
11 #include "ios/web/public/cert_policy.h"
12 #include "net/cert/x509_certificate.h"
14 namespace web {
16 // A manager for certificate policy decisions for hosts, used to remember
17 // decisions about how to handle problematic certs.
18 // This class is thread-safe only in that it can be created and passed around
19 // on any thread; the policy-related methods can only be called from the IO
20 // thread.
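// Instances are reference-counted via base::RefCountedThreadSafe, which is why
// the destructor is protected: objects are released through the ref-count, not
// deleted directly.
//
// Threading: only construction may happen on an arbitrary thread. No lock or
// thread checker is declared in this class, so the IO-thread requirement on the
// policy methods has to be upheld by callers.
class CertificatePolicyCache
    : public base::RefCountedThreadSafe<CertificatePolicyCache> {
 public:
  // Can be called from any thread:
  CertificatePolicyCache();

  // Everything from here on can only be called from the IO thread.

  // Records that |cert| is permitted to be used for |host| in the future.
  // Each recorded entry is an exception to normal certificate validation, so
  // it should be created only after an explicit decision to proceed.
  // NOTE(review): how |error| narrows the exception is decided by CertPolicy
  // and the implementation file, neither of which is visible here. Confirm
  // that an allowance covers only the certificate and the error bits it was
  // granted for, and is not reused for a different failure on the same host.
  virtual void AllowCertForHost(net::X509Certificate* cert,
                                const std::string& host,
                                net::CertStatus error);

  // Queries whether |cert| is allowed or denied for |host|.
  // Returns a CertPolicy::Judgment.
  // NOTE(review): the result for a host with no stored policy is not visible
  // in this header; callers should treat anything other than an explicit
  // allow as a reason to keep blocking - confirm against CertPolicy.
  virtual CertPolicy::Judgment QueryPolicy(net::X509Certificate* cert,
                                           const std::string& host,
                                           net::CertStatus error);

  // Removes all policies stored in this instance. Previously recorded
  // allowances no longer apply after this call.
  virtual void ClearCertificatePolicies();

 protected:
  // Protected so that destruction goes through the ref-count (see the friend
  // declaration below).
  virtual ~CertificatePolicyCache();

 private:
  friend class base::RefCountedThreadSafe<CertificatePolicyCache>;

  // Certificate policies for each host. Held in memory by this instance; no
  // persistence is declared here.
  // NOTE(review): the key is a plain std::string compared byte-for-byte by
  // std::map. Presumably callers pass a canonical host name - verify, so that
  // different spellings of one host cannot miss or split an entry.
  std::map<std::string, CertPolicy> cert_policy_for_host_;

  DISALLOW_COPY_AND_ASSIGN(CertificatePolicyCache);
};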
54 } // namespace web
56 #endif // IOS_WEB_PUBLIC_CERTIFICATE_POLICY_CACHE_H_