1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ | 5 #ifndef NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ |
6 #define NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ | 6 #define NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ |
7 | 7 |
8 #include <map> | 8 #include <map> |
9 #include <string> | 9 #include <string> |
10 #include <vector> | 10 #include <vector> |
266 // SetProofValid records that the certificate chain and signature have been | 266 // SetProofValid records that the certificate chain and signature have been |
267 // validated and that it's safe to assume that the server is legitimate. | 267 // validated and that it's safe to assume that the server is legitimate. |
268 // (Note: this does not check the chain or signature.) | 268 // (Note: this does not check the chain or signature.) |
269 void SetProofValid(); | 269 void SetProofValid(); |
270 | 270 |
271 const std::string& server_config() const; | 271 const std::string& server_config() const; |
272 const std::string& source_address_token() const; | 272 const std::string& source_address_token() const; |
273 const std::vector<std::string>& certs() const; | 273 const std::vector<std::string>& certs() const; |
274 const std::string& signature() const; | 274 const std::string& signature() const; |
275 bool proof_valid() const; | 275 bool proof_valid() const; |
276 uint64 generation_counter() const; | |
276 | 277 |
277 void set_source_address_token(base::StringPiece token); | 278 void set_source_address_token(base::StringPiece token); |
278 | 279 |
279 private: | 280 private: |
280 std::string server_config_id_; // An opaque id from the server. | 281 std::string server_config_id_; // An opaque id from the server. |
281 std::string server_config_; // A serialized handshake message. | 282 std::string server_config_; // A serialized handshake message. |
282 std::string source_address_token_; // An opaque proof of IP ownership. | 283 std::string source_address_token_; // An opaque proof of IP ownership. |
283 std::vector<std::string> certs_; // A list of certificates in leaf-first | 284 std::vector<std::string> certs_; // A list of certificates in leaf-first |
284 // order. | 285 // order. |
285 std::string server_config_sig_; // A signature of |server_config_|. | 286 std::string server_config_sig_; // A signature of |server_config_|. |
286 bool server_config_valid_; // true if |server_config_| is correctly signed | 287 bool server_config_valid_; // True if |server_config_| is correctly |
287 // and |certs_| has been validated. | 288 // signed and |certs_| has been |
289 // validated. | |
290 uint64 generation_counter_; // Generation counter associated with | |
291 // the |server_config_|, |certs_| and | |
292 // |server_config_sig_| combination. | |
wtc
2013/07/03 00:20:26
Nit: it would be nice to point out that generation
ramant (doing other things)
2013/07/03 05:46:34
Done.
| |
288 | 293 |
289 // scfg contains the cached, parsed value of |server_config|. | 294 // scfg contains the cached, parsed value of |server_config|. |
290 mutable scoped_ptr<CryptoHandshakeMessage> scfg_; | 295 mutable scoped_ptr<CryptoHandshakeMessage> scfg_; |
291 }; | 296 }; |
292 | 297 |
293 QuicCryptoClientConfig(); | 298 QuicCryptoClientConfig(); |
294 ~QuicCryptoClientConfig(); | 299 ~QuicCryptoClientConfig(); |
295 | 300 |
296 // Sets the members to reasonable, default values. | 301 // Sets the members to reasonable, default values. |
297 void SetDefaults(); | 302 void SetDefaults(); |
341 | 346 |
342 // ProcessServerHello processes the message in |server_hello|, writes the | 347 // ProcessServerHello processes the message in |server_hello|, writes the |
343 // negotiated parameters to |out_params| and returns QUIC_NO_ERROR. If | 348 // negotiated parameters to |out_params| and returns QUIC_NO_ERROR. If |
344 // |server_hello| is unacceptable then it puts an error message in | 349 // |server_hello| is unacceptable then it puts an error message in |
345 // |error_details| and returns an error code. | 350 // |error_details| and returns an error code. |
346 QuicErrorCode ProcessServerHello(const CryptoHandshakeMessage& server_hello, | 351 QuicErrorCode ProcessServerHello(const CryptoHandshakeMessage& server_hello, |
347 QuicGuid guid, | 352 QuicGuid guid, |
348 QuicCryptoNegotiatedParameters* out_params, | 353 QuicCryptoNegotiatedParameters* out_params, |
349 std::string* error_details); | 354 std::string* error_details); |
350 | 355 |
351 const ProofVerifier* proof_verifier() const; | 356 ProofVerifier* proof_verifier() const; |
352 | 357 |
353 // SetProofVerifier takes ownership of a |ProofVerifier| that clients are | 358 // SetProofVerifier takes ownership of a |ProofVerifier| that clients are |
354 // free to use in order to verify certificate chains from servers. If a | 359 // free to use in order to verify certificate chains from servers. If a |
355 // ProofVerifier is set then the client will request a certificate chain from | 360 // ProofVerifier is set then the client will request a certificate chain from |
356 // the server. | 361 // the server. |
357 void SetProofVerifier(ProofVerifier* verifier); | 362 void SetProofVerifier(ProofVerifier* verifier); |
358 | 363 |
359 ChannelIDSigner* channel_id_signer() const; | 364 ChannelIDSigner* channel_id_signer() const; |
360 | 365 |
361 // SetChannelIDSigner sets a ChannelIDSigner that will be called when the | 366 // SetChannelIDSigner sets a ChannelIDSigner that will be called when the |
362 // server supports channel IDs to sign a message proving possession of the | 367 // server supports channel IDs to sign a message proving possession of the |
363 // given ChannelID. This object takes ownership of |signer|. | 368 // given ChannelID. This object takes ownership of |signer|. |
364 void SetChannelIDSigner(ChannelIDSigner* signer); | 369 void SetChannelIDSigner(ChannelIDSigner* signer); |
365 | 370 |
366 private: | 371 private: |
367 // cached_states_ maps from the server hostname to the cached information | 372 // cached_states_ maps from the server hostname to the cached information |
368 // about that server. | 373 // about that server. |
369 std::map<std::string, CachedState*> cached_states_; | 374 std::map<std::string, CachedState*> cached_states_; |
370 | 375 |
371 scoped_ptr<ProofVerifier> proof_verifier_; | 376 scoped_ptr<ProofVerifier> proof_verifier_; |
372 scoped_ptr<ChannelIDSigner> channel_id_signer_; | 377 scoped_ptr<ChannelIDSigner> channel_id_signer_; |
373 | 378 |
374 DISALLOW_COPY_AND_ASSIGN(QuicCryptoClientConfig); | 379 DISALLOW_COPY_AND_ASSIGN(QuicCryptoClientConfig); |
375 }; | 380 }; |
376 | 381 |
377 } // namespace net | 382 } // namespace net |
378 | 383 |
379 #endif // NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ | 384 #endif // NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ |
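Review bot: The new declaration `ProofVerifier* proof_verifier() const;` (new line 356) drops the `const` on the pointee, so a `const QuicCryptoClientConfig&` now hands out mutable access to the verifier the config owns via `scoped_ptr<ProofVerifier> proof_verifier_`, which weakens the const contract that `SetProofVerifier` and the ownership comment establish. If callers genuinely need a mutable verifier, the conventional shape is a pair of overloads, `const ProofVerifier* proof_verifier() const;` and `ProofVerifier* proof_verifier();`, or a short comment next to the accessor stating why a const config may mutate its verifier. Separately, `uint64 generation_counter_` (new line 290) is a new integral member with no in-class initializer; its initialization presumably happens in `CachedState`'s constructor, which is outside this view, so it is worth confirming that every constructor sets it rather than leaving it indeterminate.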