OLD | NEW |
---|---|
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_ | 5 #ifndef NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_ |
6 #define NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_ | 6 #define NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
11 #include "base/basictypes.h" | 11 #include "base/basictypes.h" |
12 #include "base/compiler_specific.h" | 12 #include "base/compiler_specific.h" |
13 #include "base/memory/scoped_ptr.h" | 13 #include "base/memory/scoped_ptr.h" |
14 #include "net/base/completion_callback.h" | 14 #include "net/base/completion_callback.h" |
15 #include "net/base/net_export.h" | 15 #include "net/base/net_export.h" |
16 #include "net/base/net_log.h" | 16 #include "net/base/net_log.h" |
17 #include "net/cert/cert_verify_result.h" | 17 #include "net/cert/cert_verify_result.h" |
18 #include "net/cert/x509_certificate.h" | 18 #include "net/cert/x509_certificate.h" |
19 #include "net/quic/crypto/proof_verifier.h" | 19 #include "net/quic/crypto/proof_verifier.h" |
20 | 20 |
21 namespace net { | 21 namespace net { |
22 | 22 |
23 class CertVerifier; | 23 class CertVerifier; |
24 class SingleRequestCertVerifier; | 24 class SingleRequestCertVerifier; |
25 | 25 |
26 // ProofVerifyDetailsChromium is the implementation-specific information that a | |
27 // ProofVerifierChromium returns about a certificate verification. | |
28 class ProofVerifyDetailsChromium : public ProofVerifyDetails { | |
29 public: | |
30 CertVerifyResult cert_verify_result; | |
Ryan Hamilton
2013/07/23 18:40:50
nit: the style guide prohibits public members in
agl
2013/07/23 21:04:57
Have made it a struct.
| |
31 }; | |
32 | |
26 // ProofVerifierChromium implements the QUIC ProofVerifier interface. | 33 // ProofVerifierChromium implements the QUIC ProofVerifier interface. |
27 // TODO(rtenneti): Add support for multiple requests for one ProofVerifier. | 34 // TODO(rtenneti): Add support for multiple requests for one ProofVerifier. |
28 class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier { | 35 class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier { |
29 public: | 36 public: |
30 ProofVerifierChromium(CertVerifier* cert_verifier, | 37 ProofVerifierChromium(CertVerifier* cert_verifier, |
31 const BoundNetLog& net_log); | 38 const BoundNetLog& net_log); |
32 virtual ~ProofVerifierChromium(); | 39 virtual ~ProofVerifierChromium(); |
33 | 40 |
34 // ProofVerifier interface | 41 // ProofVerifier interface |
35 virtual int VerifyProof(const std::string& hostname, | 42 virtual Status VerifyProof(const std::string& hostname, |
36 const std::string& server_config, | 43 const std::string& server_config, |
37 const std::vector<std::string>& certs, | 44 const std::vector<std::string>& certs, |
38 const std::string& signature, | 45 const std::string& signature, |
39 std::string* error_details, | 46 std::string* error_details, |
40 CertVerifyResult* cert_verify_result, | 47 scoped_ptr<ProofVerifyDetails>* details, |
41 const CompletionCallback& callback) OVERRIDE; | 48 ProofVerifierCallback* callback) OVERRIDE; |
42 | 49 |
43 private: | 50 private: |
44 enum State { | 51 enum State { |
45 STATE_NONE, | 52 STATE_NONE, |
46 STATE_VERIFY_CERT, | 53 STATE_VERIFY_CERT, |
47 STATE_VERIFY_CERT_COMPLETE, | 54 STATE_VERIFY_CERT_COMPLETE, |
48 }; | 55 }; |
49 | 56 |
50 int DoLoop(int last_io_result); | 57 int DoLoop(int last_io_result); |
51 void OnIOComplete(int result); | 58 void OnIOComplete(int result); |
52 int DoVerifyCert(int result); | 59 int DoVerifyCert(int result); |
53 int DoVerifyCertComplete(int result); | 60 int DoVerifyCertComplete(int result); |
54 | 61 |
55 bool VerifySignature(const std::string& signed_data, | 62 bool VerifySignature(const std::string& signed_data, |
56 const std::string& signature, | 63 const std::string& signature, |
57 const std::string& cert); | 64 const std::string& cert); |
58 | 65 |
59 // |cert_verifier_| and |verifier_| are used for verifying certificates. | 66 // |cert_verifier_| and |verifier_| are used for verifying certificates. |
60 CertVerifier* const cert_verifier_; | 67 CertVerifier* const cert_verifier_; |
61 scoped_ptr<SingleRequestCertVerifier> verifier_; | 68 scoped_ptr<SingleRequestCertVerifier> verifier_; |
62 | 69 |
63 // |hostname| specifies the hostname for which |certs| is a valid chain. | 70 // |hostname| specifies the hostname for which |certs| is a valid chain. |
64 std::string hostname_; | 71 std::string hostname_; |
65 | 72 |
66 CompletionCallback callback_; | 73 scoped_ptr<ProofVerifierCallback> callback_; |
67 | 74 ProofVerifyDetailsChromium* verify_details_; |
Ryan Hamilton
2013/07/23 18:40:50
can you add a comment about the ownership of |veri
agl
2013/07/23 21:04:57
Have made it a scoped_ptr.
| |
68 // The result of certificate verification. | 75 std::string error_details_; |
Ryan Hamilton
2013/07/23 18:40:50
Just to confirm my understanding, when we switch t
agl
2013/07/23 21:04:57
Yes. There will need to be some outstanding state
Ryan Hamilton
2013/07/23 21:19:16
Thanks.
| |
69 CertVerifyResult* cert_verify_result_; | |
70 std::string* error_details_; | |
71 | 76 |
72 // X509Certificate from a chain of DER encoded certificates. | 77 // X509Certificate from a chain of DER encoded certificates. |
73 scoped_refptr<X509Certificate> cert_; | 78 scoped_refptr<X509Certificate> cert_; |
74 | 79 |
75 State next_state_; | 80 State next_state_; |
76 | 81 |
77 BoundNetLog net_log_; | 82 BoundNetLog net_log_; |
78 | 83 |
79 DISALLOW_COPY_AND_ASSIGN(ProofVerifierChromium); | 84 DISALLOW_COPY_AND_ASSIGN(ProofVerifierChromium); |
80 }; | 85 }; |
81 | 86 |
82 } // namespace net | 87 } // namespace net |
83 | 88 |
84 #endif // NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_ | 89 #endif // NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_ |
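Review bot: The new `VerifyProof` declaration (new line 48) takes a raw `ProofVerifierCallback* callback`, while the member at new line 73 stores it as `scoped_ptr<ProofVerifierCallback> callback_`, and nothing in this header says when ownership passes to the verifier. If the transfer happens only on the asynchronous path, as the scoped_ptr member suggests, a caller that guesses wrong on a synchronous return either leaks the callback or deletes an object the verifier still intends to run, which is a use-after-free risk in certificate-verification code. I would state the contract at the declaration, for example `// Takes ownership of |callback| only if verification completes asynchronously.`, and annotate the member with `// Non-NULL only while a verification is pending.`, after confirming both against the ProofVerifier base interface and the .cc file, neither of which is shown here. The same comment should say whether `*details` is populated when verification fails, since callers will read it to explain a rejected chain.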