chromium/net/cert/caching_cert_verifier.h

// Copyright 2016 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_CERT_CACHING_CERT_VERIFIER_H_
#define NET_CERT_CACHING_CERT_VERIFIER_H_

#include <memory>

#include "base/gtest_prod_util.h"
#include "base/time/time.h"
#include "net/base/completion_once_callback.h"
#include "net/base/expiring_cache.h"
#include "net/base/net_export.h"
#include "net/cert/cert_database.h"
#include "net/cert/cert_verifier.h"
#include "net/cert/cert_verify_result.h"

namespace net {

// CertVerifier that caches the results of certificate verifications.
//
// In general, certificate verification results will vary on only three
// parameters:
//   - The time of validation (as certificates are only valid for a period of
//     time)
//   - The revocation status (a certificate may be revoked at any time, but
//     revocation statuses themselves have a validity period, so a 'good'
//     result may be reused for a period of time)
//   - The trust settings (a user may change trust settings at any time)
//
// This class tries to optimize by allowing certificate verification results
// to be cached for a limited amount of time (presently, 30 minutes). That
// limit balances the implementation complexity of monitoring the above for
// meaningful changes against the practical utility of being able to cache
// results when they're not expected to change.
//
// Security note: a cached result reflects the inputs at the time it was
// computed. Within the cache lifetime, a change in any of the three
// parameters above (expiry, revocation, or a trust-setting change) is only
// reflected if the corresponding entry is dropped or re-verified, so the
// cache lifetime is the upper bound on how long a stale 'good' result can be
// returned.
//
// NOTE(review): the class body is not visible in this listing. The
// CertVerifier::Observer and CertDatabase::Observer bases presumably let the
// cache be invalidated on verifier or certificate-database changes -- confirm
// against the implementation before relying on it.
class NET_EXPORT CachingCertVerifier : public CertVerifier,
                                       public CertVerifier::Observer,
                                       public CertDatabase::Observer {};

}  // namespace net

#endif  // NET_CERT_CACHING_CERT_VERIFIER_H_