net/quic/quic_crypto_client_stream.h - Issue 20047002: net: make QUIC ProofVerifier more generic.

Side by Side Diff: net/quic/quic_crypto_client_stream.h

Issue 20047002: net: make QUIC ProofVerifier more generic. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 7 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #ifndef NET_QUIC_QUIC_CRYPTO_CLIENT_STREAM_H_	5 #ifndef NET_QUIC_QUIC_CRYPTO_CLIENT_STREAM_H_

6 #define NET_QUIC_QUIC_CRYPTO_CLIENT_STREAM_H_	6 #define NET_QUIC_QUIC_CRYPTO_CLIENT_STREAM_H_

7	7

8 #include <string>	8 #include <string>

9	9

10 #include "net/cert/cert_verify_result.h"	10 #include "net/cert/cert_verify_result.h"

11 #include "net/cert/x509_certificate.h"	11 #include "net/cert/x509_certificate.h"

12 #include "net/quic/crypto/crypto_handshake.h"	12 #include "net/quic/crypto/crypto_handshake.h"

13 #include "net/quic/quic_config.h"	13 #include "net/quic/quic_config.h"

14 #include "net/quic/quic_crypto_stream.h"	14 #include "net/quic/quic_crypto_stream.h"

15	15

16 namespace net {	16 namespace net {

17	17

	18 class ProofVerifierCallbackClientStream;

	19 class ProofVerifyDetails;

18 class QuicSession;	20 class QuicSession;

19 class SSLInfo;	21 class SSLInfo;

20	22

21 namespace test {	23 namespace test {

22 class CryptoTestUtils;	24 class CryptoTestUtils;

23 } // namespace test	25 } // namespace test

24	26

25 class NET_EXPORT_PRIVATE QuicCryptoClientStream : public QuicCryptoStream {	27 class NET_EXPORT_PRIVATE QuicCryptoClientStream : public QuicCryptoStream {

26 public:	28 public:

27 QuicCryptoClientStream(const string& server_hostname,	29 QuicCryptoClientStream(const string& server_hostname,

(...skipping 13 matching lines...) Expand all Loading...
41 // num_sent_client_hellos returns the number of client hello messages that	43 // num_sent_client_hellos returns the number of client hello messages that

42 // have been sent. If the handshake has completed then this is one greater	44 // have been sent. If the handshake has completed then this is one greater

43 // than the number of round-trips needed for the handshake.	45 // than the number of round-trips needed for the handshake.

44 int num_sent_client_hellos() const;	46 int num_sent_client_hellos() const;

45	47

46 // Gets the SSL connection information.	48 // Gets the SSL connection information.

47 bool GetSSLInfo(SSLInfo* ssl_info);	49 bool GetSSLInfo(SSLInfo* ssl_info);

48	50

49 private:	51 private:

50 friend class test::CryptoTestUtils;	52 friend class test::CryptoTestUtils;

	53 friend class ProofVerifierCallbackClientStream;

51	54

52 enum State {	55 enum State {

53 STATE_IDLE,	56 STATE_IDLE,

54 STATE_SEND_CHLO,	57 STATE_SEND_CHLO,

55 STATE_RECV_REJ,	58 STATE_RECV_REJ,

56 STATE_VERIFY_PROOF,	59 STATE_VERIFY_PROOF,

57 STATE_VERIFY_PROOF_COMPLETE,	60 STATE_VERIFY_PROOF_COMPLETE,

58 STATE_RECV_SHLO,	61 STATE_RECV_SHLO,

59 };	62 };

60	63

61 // DoHandshakeLoop performs a step of the handshake state machine. Note that	64 // DoHandshakeLoop performs a step of the handshake state machine. Note that

62 // \|in\| is NULL for the first call. OnVerifyProofComplete passes the \|result\|	65 // \|in\| may be NULL if the call did not result from a received message

63 // it has received from VerifyProof call (from all other places \|result\| is	66 void DoHandshakeLoop(const CryptoHandshakeMessage* in);

64 // set to OK).

65 void DoHandshakeLoop(const CryptoHandshakeMessage* in, int result);

66

67 // OnVerifyProofComplete is passed as the callback method to VerifyProof.

68 // ProofVerifier calls this method with the result of proof verification when

69 // verification is performed asynchronously.

70 void OnVerifyProofComplete(int result);

71

72 base::WeakPtrFactory<QuicCryptoClientStream> weak_factory_;

73	67

74 State next_state_;	68 State next_state_;

75 // num_client_hellos_ contains the number of client hello messages that this	69 // num_client_hellos_ contains the number of client hello messages that this

76 // connection has sent.	70 // connection has sent.

77 int num_client_hellos_;	71 int num_client_hellos_;

78	72

79 QuicCryptoClientConfig* const crypto_config_;	73 QuicCryptoClientConfig* const crypto_config_;

80	74

81 // Client's connection nonce (4-byte timestamp + 28 random bytes)	75 // Client's connection nonce (4-byte timestamp + 28 random bytes)

82 std::string nonce_;	76 std::string nonce_;

83 // Server's hostname	77 // Server's hostname

84 std::string server_hostname_;	78 std::string server_hostname_;

85	79

86 // Generation counter from QuicCryptoClientConfig's CachedState.	80 // Generation counter from QuicCryptoClientConfig's CachedState.

87 uint64 generation_counter_;	81 uint64 generation_counter_;

88	82

89 // The result of certificate verification.	83 // proof_verify_callback_ contains the callback object that we passed to an

90 // TODO(rtenneti): should we change CertVerifyResult to be	84 // asynchronous proof verification. The ProofVerifier owns this object.

91 // RefCountedThreadSafe object to avoid copying.	85 ProofVerifierCallbackClientStream* proof_verify_callback_;
	Ryan Hamilton 2013/07/23 18:40:50 nit: I don't think I understand the meaning of the nit: I don't think I understand the meaning of the "ClientStream" suffix on this class name. (Of course I don't have a better idea). agl 2013/07/23 21:04:57 It's the implementation of a callback object that Show quoted text On 2013/07/23 18:40:50, Ryan Hamilton wrote: > nit: I don't think I understand the meaning of the "ClientStream" suffix on this > class name. (Of course I don't have a better idea). It's the implementation of a callback object that calls back into a QuicCryptoClientStream. I guess it could be called QuicCryptoClientStreamProofVerifierCallback. But since that's silly, I've made it a private class, lexically within QuicCryptoClientStream. So it's QuicCryptoClientStream::ProofVerifierCallbackImpl. Does that work better? Ryan Hamilton 2013/07/23 21:19:16 Love it! Show quoted text On 2013/07/23 21:04:57, agl wrote: > On 2013/07/23 18:40:50, Ryan Hamilton wrote: > > nit: I don't think I understand the meaning of the "ClientStream" suffix on > this > > class name. (Of course I don't have a better idea). > > It's the implementation of a callback object that calls back into a > QuicCryptoClientStream. I guess it could be called > QuicCryptoClientStreamProofVerifierCallback. > > But since that's silly, I've made it a private class, lexically within > QuicCryptoClientStream. So it's > QuicCryptoClientStream::ProofVerifierCallbackImpl. Does that work better? Love it!
92 CertVerifyResult cert_verify_result_;

93	86

94 // Error details for ProofVerifier's VerifyProof call.	87 // These members are used to store the result of an asynchronous proof

95 std::string error_details_;	88 // verification.

	89 bool verify_ok_;

	90 string verify_error_details_;

	91 scoped_ptr<ProofVerifyDetails> verify_details_;

96	92

97 DISALLOW_COPY_AND_ASSIGN(QuicCryptoClientStream);	93 DISALLOW_COPY_AND_ASSIGN(QuicCryptoClientStream);

98 };	94 };

99	95

100 } // namespace net	96 } // namespace net

101	97

102 #endif // NET_QUIC_QUIC_CRYPTO_CLIENT_STREAM_H_	98 #endif // NET_QUIC_QUIC_CRYPTO_CLIENT_STREAM_H_

OLD	NEW