Cert Management UI V2: queue cert verify requests on DB read

Change the cert verifier service to wait for user settings read from
the ServerCertificateDatabase before running any cert verify requests.
Requests received before the user settings are passed to the cert
verifier are queued and run once the verifier processes the user
settings.

Change-Id: If25f833ceb6e3b3343fffa334b2d83028aae735a
Bug: 40928765
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5857718
Reviewed-by: Dominic Farolino <[email protected]>
Reviewed-by: Matt Mueller <[email protected]>
Commit-Queue: Hubert Chao <[email protected]>
Reviewed-by: Charlie Harrison <[email protected]>
Cr-Commit-Position: refs/heads/main@{#1363753}
diff --git a/chrome/browser/net/server_certificate_database.h b/chrome/browser/net/server_certificate_database.h
index eb2fdf5e..cdc55c8 100644
--- a/chrome/browser/net/server_certificate_database.h
+++ b/chrome/browser/net/server_certificate_database.h
@@ -5,12 +5,15 @@
#ifndef CHROME_BROWSER_NET_SERVER_CERTIFICATE_DATABASE_H_
#define CHROME_BROWSER_NET_SERVER_CERTIFICATE_DATABASE_H_
+#include <optional>
+
#include "base/files/file_path.h"
#include "base/sequence_checker.h"
#include "base/thread_annotations.h"
#include "chrome/browser/net/server_certificate_database.pb.h"
#include "sql/database.h"
#include "sql/init_status.h"
+#include "third_party/boringssl/src/pki/trust_store.h"
namespace net {
@@ -40,6 +43,9 @@
delete;
~ServerCertificateDatabase();
+ static std::optional<bssl::CertificateTrustType> GetUserCertificateTrust(
+ const net::ServerCertificateDatabase::CertInformation& cert_info);
+
// Insert a new certificate into the database, or if the certificate is
// already present (as indicated by cert_info.sha256hash_hex), update the
// entry in the database.
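Review bot: GetUserCertificateTrust is declared without a comment, unlike the insert method directly below it, and the std::optional return type leaves open what std::nullopt means. Please document when it returns nullopt (for example, no user trust setting recorded versus a value that could not be mapped), so callers cannot mistake "no setting" for an explicit trust or distrust result. The parameter can also be spelled `const CertInformation&`, since the declaration already sits inside ServerCertificateDatabase in namespace net.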