1// Copyright (c) 2017 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef NET_CERT_KNOWN_ROOTS_H_
6#define NET_CERT_KNOWN_ROOTS_H_
7
8#include <stdint.h>
9
10#include "build/build_config.h"
11#include "net/base/net_export.h"
12
13namespace net {
14
15class HashValue;
16
17// Returns a value within the NetRootCert histogram enum indicating the
18// ID of the trust anchor whose subjectPublicKeyInfo hash is |spki_hash|, or
19// 0 if it cannot be found.
20NET_EXPORT int32_t
21GetNetTrustAnchorHistogramIdForSPKI(const HashValue& spki_hash);
22
23// Returns true if the CA identified by |spki_hash| is known as a Legacy CA,
24// which means that they are known as a well-known root, but are not trusted
25// on the ChromiumOS or Android platforms. This indicates a CA that either has
26// been removed from public trust (generally, voluntarily) or has not (or not
27// yet) undergone a public review and discussion for broad public trust.
28NET_EXPORT bool IsLegacyPubliclyTrustedCA(const HashValue& spki_hash);
29
30} // namespace net
31
32#endif // NET_CERT_KNOWN_ROOTS_H_
33