| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_ | 5 #ifndef NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_ |
| 6 #define NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_ | 6 #define NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| 11 #include "base/basictypes.h" | 11 #include "base/basictypes.h" |
| 12 #include "base/compiler_specific.h" | 12 #include "base/compiler_specific.h" |
| 13 #include "base/memory/scoped_ptr.h" | 13 #include "base/memory/scoped_ptr.h" |
| 14 #include "net/base/completion_callback.h" | 14 #include "net/base/completion_callback.h" |
| 15 #include "net/base/net_export.h" | 15 #include "net/base/net_export.h" |
| 16 #include "net/base/net_log.h" | 16 #include "net/base/net_log.h" |
| 17 #include "net/cert/cert_verify_result.h" | 17 #include "net/cert/cert_verify_result.h" |
| 18 #include "net/cert/x509_certificate.h" | 18 #include "net/cert/x509_certificate.h" |
| 19 #include "net/quic/crypto/proof_verifier.h" | 19 #include "net/quic/crypto/proof_verifier.h" |
| 20 | 20 |
| 21 namespace net { | 21 namespace net { |
| 22 | 22 |
| 23 class CertVerifier; | 23 class CertVerifier; |
| 24 class SingleRequestCertVerifier; | 24 class SingleRequestCertVerifier; |
| 25 | 25 |
| 26 // ProofVerifyDetailsChromium is the implementation-specific information that a |
| 27 // ProofVerifierChromium returns about a certificate verification. |
| 28 struct ProofVerifyDetailsChromium : public ProofVerifyDetails { |
| 29 public: |
| 30 CertVerifyResult cert_verify_result; |
| 31 }; |
| 32 |
| 26 // ProofVerifierChromium implements the QUIC ProofVerifier interface. | 33 // ProofVerifierChromium implements the QUIC ProofVerifier interface. |
| 27 // TODO(rtenneti): Add support for multiple requests for one ProofVerifier. | 34 // TODO(rtenneti): Add support for multiple requests for one ProofVerifier. |
| 28 class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier { | 35 class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier { |
| 29 public: | 36 public: |
| 30 ProofVerifierChromium(CertVerifier* cert_verifier, | 37 ProofVerifierChromium(CertVerifier* cert_verifier, |
| 31 const BoundNetLog& net_log); | 38 const BoundNetLog& net_log); |
| 32 virtual ~ProofVerifierChromium(); | 39 virtual ~ProofVerifierChromium(); |
| 33 | 40 |
| 34 // ProofVerifier interface | 41 // ProofVerifier interface |
| 35 virtual int VerifyProof(const std::string& hostname, | 42 virtual Status VerifyProof(const std::string& hostname, |
| 36 const std::string& server_config, | 43 const std::string& server_config, |
| 37 const std::vector<std::string>& certs, | 44 const std::vector<std::string>& certs, |
| 38 const std::string& signature, | 45 const std::string& signature, |
| 39 std::string* error_details, | 46 std::string* error_details, |
| 40 CertVerifyResult* cert_verify_result, | 47 scoped_ptr<ProofVerifyDetails>* details, |
| 41 const CompletionCallback& callback) OVERRIDE; | 48 ProofVerifierCallback* callback) OVERRIDE; |
| 42 | 49 |
| 43 private: | 50 private: |
| 44 enum State { | 51 enum State { |
| 45 STATE_NONE, | 52 STATE_NONE, |
| 46 STATE_VERIFY_CERT, | 53 STATE_VERIFY_CERT, |
| 47 STATE_VERIFY_CERT_COMPLETE, | 54 STATE_VERIFY_CERT_COMPLETE, |
| 48 }; | 55 }; |
| 49 | 56 |
| 50 int DoLoop(int last_io_result); | 57 int DoLoop(int last_io_result); |
| 51 void OnIOComplete(int result); | 58 void OnIOComplete(int result); |
| 52 int DoVerifyCert(int result); | 59 int DoVerifyCert(int result); |
| 53 int DoVerifyCertComplete(int result); | 60 int DoVerifyCertComplete(int result); |
| 54 | 61 |
| 55 bool VerifySignature(const std::string& signed_data, | 62 bool VerifySignature(const std::string& signed_data, |
| 56 const std::string& signature, | 63 const std::string& signature, |
| 57 const std::string& cert); | 64 const std::string& cert); |
| 58 | 65 |
| 59 // |cert_verifier_| and |verifier_| are used for verifying certificates. | 66 // |cert_verifier_| and |verifier_| are used for verifying certificates. |
| 60 CertVerifier* const cert_verifier_; | 67 CertVerifier* const cert_verifier_; |
| 61 scoped_ptr<SingleRequestCertVerifier> verifier_; | 68 scoped_ptr<SingleRequestCertVerifier> verifier_; |
| 62 | 69 |
| 63 // |hostname| specifies the hostname for which |certs| is a valid chain. | 70 // |hostname| specifies the hostname for which |certs| is a valid chain. |
| 64 std::string hostname_; | 71 std::string hostname_; |
| 65 | 72 |
| 66 CompletionCallback callback_; | 73 scoped_ptr<ProofVerifierCallback> callback_; |
| 67 | 74 scoped_ptr<ProofVerifyDetailsChromium> verify_details_; |
| 68 // The result of certificate verification. | 75 std::string error_details_; |
| 69 CertVerifyResult* cert_verify_result_; | |
| 70 std::string* error_details_; | |
| 71 | 76 |
| 72 // X509Certificate from a chain of DER encoded certificates. | 77 // X509Certificate from a chain of DER encoded certificates. |
| 73 scoped_refptr<X509Certificate> cert_; | 78 scoped_refptr<X509Certificate> cert_; |
| 74 | 79 |
| 75 State next_state_; | 80 State next_state_; |
| 76 | 81 |
| 77 BoundNetLog net_log_; | 82 BoundNetLog net_log_; |
| 78 | 83 |
| 79 DISALLOW_COPY_AND_ASSIGN(ProofVerifierChromium); | 84 DISALLOW_COPY_AND_ASSIGN(ProofVerifierChromium); |
| 80 }; | 85 }; |
| 81 | 86 |
| 82 } // namespace net | 87 } // namespace net |
| 83 | 88 |
| 84 #endif // NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_ | 89 #endif // NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 20047002:
net: make QUIC ProofVerifier more generic. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src