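--- a/net/quic/crypto/crypto_handshake.h
+++ b/net/quic/crypto/crypto_handshake.h
@@ -1,27 +1,28 @@
 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_
 #define NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_
 
 #include <map>
 #include <string>
 #include <vector>
 
 #include "base/memory/scoped_ptr.h"
 #include "base/strings/string_piece.h"
 #include "net/base/net_export.h"
 #include "net/cert/cert_verify_result.h"
 #include "net/cert/x509_certificate.h"
 #include "net/quic/crypto/crypto_protocol.h"
+#include "net/quic/crypto/proof_verifier.h"
 #include "net/quic/quic_protocol.h"
 
 namespace net {
 
 class ChannelIDSigner;
 class CommonCertSets;
 class KeyExchange;
 class ProofVerifier;
 class QuicDecrypter;
 class QuicEncrypter;
@@ -274,44 +275,43 @@
     // revalidated. Helper function to keep server_config_valid_ and
     // generation_counter_ in sync.
     void SetProofInvalid();
 
     const std::string& server_config() const;
     const std::string& source_address_token() const;
     const std::vector<std::string>& certs() const;
     const std::string& signature() const;
     bool proof_valid() const;
     uint64 generation_counter() const;
-    const CertVerifyResult* cert_verify_result() const;
+    const ProofVerifyDetails* proof_verify_details() const;
 
     void set_source_address_token(base::StringPiece token);
-    void SetCertVerifyResult(const CertVerifyResult& cert_verify_result);
+
+    // SetProofVerifyDetails takes ownership of |details|.
+    void SetProofVerifyDetails(ProofVerifyDetails* details);
 
    private:
     std::string server_config_id_;      // An opaque id from the server.
     std::string server_config_;         // A serialized handshake message.
     std::string source_address_token_;  // An opaque proof of IP ownership.
     std::vector<std::string> certs_;    // A list of certificates in leaf-first
                                         // order.
     std::string server_config_sig_;     // A signature of |server_config_|.
     bool server_config_valid_;          // True if |server_config_| is correctly
                                         // signed and |certs_| has been
                                         // validated.
     // Generation counter associated with the |server_config_|, |certs_| and
     // |server_config_sig_| combination. It is incremented whenever we set
     // server_config_valid_ to false.
     uint64 generation_counter_;
 
-    // The result of certificate verification.
-    // TODO(rtenneti): should we change CertVerifyResult to be
-    // RefCountedThreadSafe object to avoid copying.
-    CertVerifyResult cert_verify_result_;
+    scoped_ptr<ProofVerifyDetails> proof_verify_details_;
 
     // scfg contains the cached, parsed value of |server_config|.
     mutable scoped_ptr<CryptoHandshakeMessage> scfg_;
   };
 
   QuicCryptoClientConfig();
   ~QuicCryptoClientConfig();
 
   // Sets the members to reasonable, default values.
   void SetDefaults();
@@ -390,10 +390,10 @@
 
   scoped_ptr<ProofVerifier> proof_verifier_;
   scoped_ptr<ChannelIDSigner> channel_id_signer_;
 
   DISALLOW_COPY_AND_ASSIGN(QuicCryptoClientConfig);
 };
 
 }  // namespace net
 
 #endif  // NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_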
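Review bot: `SetProofVerifyDetails(ProofVerifyDetails* details)` transfers ownership through a raw pointer, so only the one-line comment tells a caller not to delete or reuse |details| afterwards. Since the member is already a `scoped_ptr`, the signature could carry the transfer itself: `void SetProofVerifyDetails(scoped_ptr<ProofVerifyDetails> details);`. The accessor `proof_verify_details()` and the member `proof_verify_details_` have no comment, and the removed "result of certificate verification" comment was not replaced. I would document that the returned pointer may be NULL until a proof has been verified, and that it presumably stays valid only until the next `SetProofVerifyDetails` call. Whether `SetProofInvalid()` also drops the stored details is decided in the .cc file, which is not on this page; if it does not, the header should say that callers must check `proof_valid()` before relying on the details.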