[go: nahoru, domu]

blob: 5093d180ae33e68c00adb1ce489c7a4b24f9be31 [file] [log] [blame]
// Copyright (c) 2017 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef NET_CERT_KNOWN_ROOTS_MAC_H_
#define NET_CERT_KNOWN_ROOTS_MAC_H_
#include <Security/Security.h>
namespace net {
// IsKnownRoot returns true if the given certificate is one that we believe
// is a standard (as opposed to user-installed) root.
//
// NOTE: The first call will lazily initialize the known roots, which requires
// holding crypto::GetMacSecurityServicesLock(). Callers must therefore either
// acquire that lock prior to calling this, or eagerly initialize beforehand
// using InitializeKnownRoots().
bool IsKnownRoot(SecCertificateRef cert);
// Calling this is optional as initialization will otherwise be done lazily when
// calling IsKnownRoot(). When calling this, the current thread must NOT already
// be holding/ crypto::GetMacSecurityServicesLock().
void InitializeKnownRoots();
} // namespace net
#endif // NET_CERT_KNOWN_ROOTS_MAC_H_