1// Copyright 2018 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef COMPONENTS_CERTIFICATE_TRANSPARENCY_CHROME_CT_POLICY_ENFORCER_H_
6#define COMPONENTS_CERTIFICATE_TRANSPARENCY_CHROME_CT_POLICY_ENFORCER_H_
7
8#include "net/cert/ct_policy_enforcer.h"
9
10namespace certificate_transparency {
11
12// A CTPolicyEnforcer that enforces the "Certificate Transparency in Chrome"
13// policies detailed at
14// https://github.com/chromium/ct-policy/blob/master/ct_policy.md
15//
16// This should only be used when there is a reliable, rapid update mechanism
17// for the set of known, qualified logs - either through a reliable binary
18// updating mechanism or through out-of-band delivery. See
19// //net/docs/certificate-transparency.md for more details.
20class ChromeCTPolicyEnforcer : public net::CTPolicyEnforcer {
21 public:
22 ChromeCTPolicyEnforcer() = default;
23 ~ChromeCTPolicyEnforcer() override = default;
24
25 net::ct::CTPolicyCompliance CheckCompliance(
26 net::X509Certificate* cert,
27 const net::ct::SCTList& verified_scts,
28 const net::NetLogWithSource& net_log) override;
29};
30
31} // namespace certificate_transparency
32
33#endif // COMPONENTS_CERTIFICATE_TRANSPARENCY_CHROME_CT_POLICY_ENFORCER_H_
34