Cast device revocation checking.

components/cast_certificate/cast_crl.h

Index: components/cast_certificate/cast_crl.h
diff --git a/components/cast_certificate/cast_crl.h b/components/cast_certificate/cast_crl.h
new file mode 100644
index 0000000000000000000000000000000000000000..60766813dbc2408640a466f329059e71de853b09
--- /dev/null
+++ b/components/cast_certificate/cast_crl.h
@@ -0,0 +1,72 @@
+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef COMPONENTS_CAST_CERTIFICATE_CAST_CRL_H_
+#define COMPONENTS_CAST_CERTIFICATE_CAST_CRL_H_
+
+#include <memory>
+#include <string>
+#include <vector>
+
+#include "base/compiler_specific.h"
+#include "base/memory/ref_counted.h"
+#include "base/time/time.h"
+
+namespace net {
+class ParsedCertificate;
+}  // namespace net
+
+namespace cast_certificate {
+
+// This class represents the CRL information parsed from the binary proto.
+class CastCRL {
+ public:
+  virtual ~CastCRL(){};
+
+  // Verifies the revocation status of a cast device certificate given a chain
+  // of DER-encoded certificates.
+  //
+  // Inputs:
+  // * |certs| is the verified chain of DER-encoded certificates:
+  //   * |certs[0]| is the target certificate (i.e. the device certificate)
+  //   * |certs[i]| is the certificate that issued certs[i-1]
+  //   * |certs.back()| must be trusted anchor.
+  //
+  // * |time| is the UTC time to use for determining if the certificate
+  //   is revoked.
+  virtual bool CheckRevocation(
+      const std::vector<scoped_refptr<net::ParsedCertificate>>& certs,

[eroman, 2016/07/12 21:22:01]

You can use the typedef net::ParsedCertificateList for this.

[ryanchung, 2016/07/14 16:15:26]

To use this without importing the .h file, I'll have to forward declare it like
this:

namespace net {
class ParsedCertificate;
using ParsedCertificateList = std::vector<scoped_refptr<ParsedCertificate>>;
}  // namespace net

Is there a better way?

[eroman, 2016/07/15 22:52:48]

I would just import the necessary file (that is what we do elsewhere).
If you are concerned it is pulling in too much stuff, we can extract a separate
file for parsed_certificate_list.h that contains just that definition. I
wouldn't worry about this though.

[ryanchung, 2016/07/18 23:39:07]

Done.

+      const base::Time::Exploded& time) const = 0;
+};
+
+// Parse and verify the CRL used to verify the revocation status of

[eroman, 2016/07/12 21:22:01]

nit:  Parse and verify --> Parses and verifies

[ryanchung, 2016/07/14 16:15:26]

Done.

+// Cast device certificates.
+//
+// Inputs:
+// * |crl_proto| is a serialized cast_certificate.CrlBundle proto.
+// * |time| is the UTC time to use for determining if the CRL is valid.
+// Output:
+// Returns the CRL object if success, nullptr otherwise.
+std::unique_ptr<CastCRL> ParseAndVerifyCRL(const std::string& crl_proto,
+                                           const base::Time::Exploded& time);
+
+// Exposed only for testing, not for use in production code.
+//
+// Injects trusted root certificates into the CastCRLTrustStore.
+// |data| must remain valid and not be mutated throughout the lifetime of

[eroman, 2016/07/12 21:22:01]

side-note: Perhaps we should remove this constraint and just make a copy.
This way it is easier to explain, and since it is test-only code anyway
efficiency doesn't matter as much as clarity.

[ryanchung, 2016/07/14 16:15:26]

Done.

+// the program.
+// Any existing trust anchors are cleared.
+// Warning: Using this function concurrently with CheckRevocation()
+//          is not thread safe.
+bool SetCRLTrustAnchorForTest(const uint8_t* data,
+                              size_t length) WARN_UNUSED_RESULT;
+
+// Exposed only for testing, not for use in production code.
+//
+// Clears trusted root certificates from CastCRLTrustStore
+void ClearCRLTrustAnchorForTest();
+
+}  // namespace cast_certificate
+
+#endif  // COMPONENTS_CAST_CERTIFICATE_CAST_CRL_H_