Cast device revocation checking.

components/cast_certificate/cast_cert_validator.h

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef COMPONENTS_CAST_CERTIFICATE_CAST_CERT_VALIDATOR_H_
 #define COMPONENTS_CAST_CERTIFICATE_CAST_CERT_VALIDATOR_H_
 
 #include <memory>
 #include <string>
 #include <vector>
 
 #include "base/compiler_specific.h"
 #include "base/macros.h"
 #include "base/strings/string_piece.h"
 #include "base/time/time.h"
 
 namespace cast_certificate {
 
+class CastCRL;
+
 // Describes the policy for a Device certificate.
 enum class CastDeviceCertPolicy {
   // The device certificate is unrestricted.
   NONE,
 
   // The device certificate is for an audio-only device.
   AUDIO_ONLY,
 };
 
+struct CRLOptions {
+  // If set to false, then revocation is only checked if a CRL is provided.
+  // If set to true, then revocation is always checked. An empty CRL results
+  // in failure.
+  bool crl_required = true;

[eroman, 2016/07/12 21:22:00]

Do you plan on adding other properties to this? If not, an enum should be
sufficient in place of CRLOptions.

[ryanchung, 2016/07/14 16:15:25]

Done. Don't have other properties in mind right now. Changed to enum.

+};
+
 // An object of this type is returned by the VerifyDeviceCert function, and can
 // be used for additional certificate-related operations, using the verified
 // certificate.
 class CertVerificationContext {
  public:
   CertVerificationContext() {}
   virtual ~CertVerificationContext() {}
 
   // Use the public key from the verified certificate to verify a
   // sha1WithRSAEncryption |signature| over arbitrary |data|. Both |signature|
@@ skipping 16 matching lines @@
 // Inputs:
 //
 // * |certs| is a chain of DER-encoded certificates:
 //   * |certs[0]| is the target certificate (i.e. the device certificate).
 //   * |certs[1..n-1]| are intermediates certificates to use in path building.
 //     Their ordering does not matter.
 //
 // * |time| is the UTC time to use for determining if the certificate
 //   is expired.
 //
+// * |crl| is the CRL to check for certificate revocation status.
+//   If this is a nullptr, then revocation checking is currently disabled.
+//

[eroman, 2016/07/12 21:22:00]

nit: remove extra space.

[ryanchung, 2016/07/14 16:15:25]

Done.

+//
+// * |crl_options| is for choosing how to handle the absence of a CRL.
+//   If crl_required is set to true, then an empty |crl| input would result
+//   in a failed verification. Otherwise, |crl| is ignored if it is absent.
+//
 // Outputs:
 //
 // Returns true on success, false on failure. On success the output
 // parameters are filled with more details:
 //
 //   * |context| is filled with an object that can be used to verify signatures
 //     using the device certificate's public key, as well as to extract other
 //     properties from the device certificate (Common Name).
 //   * |policy| is filled with an indication of the device certificate's policy
 //     (i.e. is it for audio-only devices or is it unrestricted?)
 bool VerifyDeviceCert(const std::vector<std::string>& certs,
                       const base::Time::Exploded& time,
                       std::unique_ptr<CertVerificationContext>* context,
-                      CastDeviceCertPolicy* policy) WARN_UNUSED_RESULT;
+                      CastDeviceCertPolicy* policy,
+                      const CastCRL* crl,
+                      CRLOptions& crl_options) WARN_UNUSED_RESULT;
 
 // Exposed only for unit-tests, not for use in production code.
 // Production code would get a context from VerifyDeviceCert().
 //
 // Constructs a VerificationContext that uses the provided public key.
 // The common name will be hardcoded to some test value.
 std::unique_ptr<CertVerificationContext> CertVerificationContextImplForTest(
     const base::StringPiece& spki);
 
 // Exposed only for testing, not for use in production code.
 //
 // Injects trusted root certificates into the CastTrustStore.

[eroman, 2016/07/12 21:22:00]

Injects --> Replaces
And can then remove the comment below.

[ryanchung, 2016/07/14 16:15:25]

Done.

 // |data| must remain valid and not be mutated throughout the lifetime of
 // the program.
+// Any existing trust anchors are cleared.
 // Warning: Using this function concurrently with VerifyDeviceCert()
 //          is not thread safe.
-bool AddTrustAnchorForTest(const uint8_t* data,
+bool SetTrustAnchorForTest(const uint8_t* data,
                            size_t length) WARN_UNUSED_RESULT;
 
 }  // namespace cast_certificate
 
 #endif  // COMPONENTS_CAST_CERTIFICATE_CAST_CERT_VALIDATOR_H_