Index: net/quic/crypto/proof_verifier_chromium.h |
diff --git a/net/quic/crypto/proof_verifier_chromium.h b/net/quic/crypto/proof_verifier_chromium.h |
new file mode 100644 |
index 0000000000000000000000000000000000000000..71176de4def23a998466bcd22c0cc0a976dc33a1 |
--- /dev/null |
+++ b/net/quic/crypto/proof_verifier_chromium.h |
@@ -0,0 +1,86 @@ |
+// Copyright 2013 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#ifndef NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_ |
+#define NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_ |
+ |
+#include <string> |
+#include <vector> |
+ |
+#include "base/basictypes.h" |
+#include "base/compiler_specific.h" |
+#include "base/memory/scoped_ptr.h" |
+#include "net/base/completion_callback.h" |
+#include "net/base/net_export.h" |
+#include "net/base/net_log.h" |
+#include "net/cert/cert_verify_result.h" |
+#include "net/cert/x509_certificate.h" |
+#include "net/quic/crypto/proof_verifier.h" |
+ |
+namespace net { |
+ |
+class BoundNetLog; |
+class CertVerifier; |
+class CertVerifyResult; |
+class SingleRequestCertVerifier; |
+class X509Certificate; |
+ |
+// ProofVerifierChromium implements the QUIC ProofVerifier interface. |
+class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier { |
+ public: |
+ explicit ProofVerifierChromium(CertVerifier* cert_verifier); |
+ virtual ~ProofVerifierChromium(); |
+ |
+ // ProofVerifier interface |
+ virtual int VerifyProof(const std::string& hostname, |
+ const std::string& server_config, |
+ const std::vector<std::string>& certs, |
+ const std::string& signature, |
+ const CompletionCallback& callback) OVERRIDE; |
+ virtual std::string error_details() OVERRIDE; |
+ |
+ private: |
+ enum State { |
+ STATE_NONE, |
+ STATE_VERIFY_CERT, |
+ STATE_VERIFY_CERT_COMPLETE, |
+ }; |
+ |
+ int VerifyChain(); |
+ |
+ int DoLoop(int last_io_result); |
+ void OnIOComplete(int result); |
+ int DoVerifyCert(int result); |
+ int DoVerifyCertComplete(int result); |
+ |
+ bool VerifySignature(const std::string& signed_data, |
+ const std::string& signature, |
+ const std::string& cert); |
+ |
+ // |cert_verifier_| and |verifier_| are used for verifying certificates. |
+ CertVerifier* const cert_verifier_; |
+ scoped_ptr<SingleRequestCertVerifier> verifier_; |
+ |
+ // |hostname| specifies the hostname for which |certs| is a valid chain. |
+ std::string hostname_; |
+ |
+ CompletionCallback callback_; |
+ |
+ // The result of certificate verification. |
+ CertVerifyResult cert_verify_result_; |
agl
2013/07/01 16:23:18
These members suggest that you're going to have to
ramant (doing other things)
2013/07/02 14:19:50
We thought we would have one ProofVerifier per Ses
|
+ std::string error_details_; |
+ |
+ // X509Certificate from a chain of DER encoded certificates. |
+ scoped_refptr<X509Certificate> cert_; |
+ |
+ State next_state_; |
+ |
+ BoundNetLog net_log_; |
wtc
2013/07/02 00:56:38
The net_log_ member probably should be initialized
ramant (doing other things)
2013/07/02 14:19:50
Done.
|
+ |
+ DISALLOW_COPY_AND_ASSIGN(ProofVerifierChromium); |
+}; |
+ |
+} // namespace net |
+ |
+#endif // NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_ |
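Review bot: The constructor takes a raw `CertVerifier*` and keeps it in `CertVerifier* const cert_verifier_`, but the header never says who owns it or how long it must stay alive. Because verification completes asynchronously through `OnIOComplete`, a comment on the constructor such as `// |cert_verifier| is not owned and must outlive this object.` would make the lifetime requirement explicit. The `VerifyProof` override would also benefit from a short contract comment stating which return value means the result will be delivered through `callback` (presumably ERR_IO_PENDING, to be confirmed against the .cc), and that `error_details()` is only meaningful after a failed verification. Separately, the comment above `hostname_` refers to `|hostname|` and `|certs|`, which are `VerifyProof` parameters rather than members; rewording it to `// The hostname passed to VerifyProof, against which the chain is verified.` would avoid confusion.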