Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(789)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: extensions/browser/api/cast_channel/cast_auth_util.h

Issue 2303673004: Hook up Chrome Cast sender to Cast CRL. (Closed)
Patch Set: Fixed nit Created 4 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « extensions/browser/BUILD.gn ('k') | extensions/browser/api/cast_channel/cast_auth_util.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef EXTENSIONS_BROWSER_API_CAST_CHANNEL_CAST_AUTH_UTIL_H_ 5 #ifndef EXTENSIONS_BROWSER_API_CAST_CHANNEL_CAST_AUTH_UTIL_H_
6 #define EXTENSIONS_BROWSER_API_CAST_CHANNEL_CAST_AUTH_UTIL_H_ 6 #define EXTENSIONS_BROWSER_API_CAST_CHANNEL_CAST_AUTH_UTIL_H_
7 7
8 #include <string> 8 #include <string>
9 9
10 #include "base/memory/ref_counted.h" 10 #include "base/memory/ref_counted.h"
11 #include "base/time/time.h"
12
13 namespace cast_certificate {
14 enum class CRLPolicy;
15 }
11 16
12 namespace net { 17 namespace net {
13 class X509Certificate; 18 class X509Certificate;
19 class TrustStore;
14 } // namespace net 20 } // namespace net
15 21
16 namespace extensions { 22 namespace extensions {
17 namespace api { 23 namespace api {
18 namespace cast_channel { 24 namespace cast_channel {
19 25
20 class AuthResponse; 26 class AuthResponse;
21 class CastMessage; 27 class CastMessage;
22 class DeviceAuthMessage; 28 class DeviceAuthMessage;
23 29
24 struct AuthResult { 30 struct AuthResult {
25 public: 31 public:
26 enum ErrorType { 32 enum ErrorType {
27 ERROR_NONE, 33 ERROR_NONE,
28 ERROR_PEER_CERT_EMPTY, 34 ERROR_PEER_CERT_EMPTY,
29 ERROR_WRONG_PAYLOAD_TYPE, 35 ERROR_WRONG_PAYLOAD_TYPE,
30 ERROR_NO_PAYLOAD, 36 ERROR_NO_PAYLOAD,
31 ERROR_PAYLOAD_PARSING_FAILED, 37 ERROR_PAYLOAD_PARSING_FAILED,
32 ERROR_MESSAGE_ERROR, 38 ERROR_MESSAGE_ERROR,
33 ERROR_NO_RESPONSE, 39 ERROR_NO_RESPONSE,
34 ERROR_FINGERPRINT_NOT_FOUND, 40 ERROR_FINGERPRINT_NOT_FOUND,
35 ERROR_CERT_PARSING_FAILED, 41 ERROR_CERT_PARSING_FAILED,
36 ERROR_CERT_NOT_SIGNED_BY_TRUSTED_CA, 42 ERROR_CERT_NOT_SIGNED_BY_TRUSTED_CA,
37 ERROR_CANNOT_EXTRACT_PUBLIC_KEY, 43 ERROR_CANNOT_EXTRACT_PUBLIC_KEY,
38 ERROR_SIGNED_BLOBS_MISMATCH, 44 ERROR_SIGNED_BLOBS_MISMATCH,
39 ERROR_UNEXPECTED_AUTH_LIBRARY_RESULT, 45 ERROR_TLS_CERT_VALIDITY_PERIOD_TOO_LONG,
40 ERROR_VALIDITY_PERIOD_TOO_LONG, 46 ERROR_TLS_CERT_VALID_START_DATE_IN_FUTURE,
41 ERROR_VALID_START_DATE_IN_FUTURE, 47 ERROR_TLS_CERT_EXPIRED,
42 ERROR_CERT_EXPIRED, 48 ERROR_CRL_INVALID,
49 ERROR_CERT_REVOKED,
43 }; 50 };
44 51
45 enum PolicyType { POLICY_NONE = 0, POLICY_AUDIO_ONLY = 1 << 0 }; 52 enum PolicyType { POLICY_NONE = 0, POLICY_AUDIO_ONLY = 1 << 0 };
46 53
47 // Constructs a AuthResult that corresponds to success. 54 // Constructs a AuthResult that corresponds to success.
48 AuthResult(); 55 AuthResult();
49 56
50 AuthResult(const std::string& error_message, ErrorType error_type); 57 AuthResult(const std::string& error_message, ErrorType error_type);
51 58
52 ~AuthResult(); 59 ~AuthResult();
(...skipping 13 matching lines...) Expand all
66 // 2. Certficate used to sign is rooted to a trusted CA. 73 // 2. Certficate used to sign is rooted to a trusted CA.
67 AuthResult AuthenticateChallengeReply(const CastMessage& challenge_reply, 74 AuthResult AuthenticateChallengeReply(const CastMessage& challenge_reply,
68 const net::X509Certificate& peer_cert); 75 const net::X509Certificate& peer_cert);
69 76
70 // Auth-library specific implementation of cryptographic signature 77 // Auth-library specific implementation of cryptographic signature
71 // verification routines. Verifies that |response| contains a 78 // verification routines. Verifies that |response| contains a
72 // valid signature of |signature_input|. 79 // valid signature of |signature_input|.
73 AuthResult VerifyCredentials(const AuthResponse& response, 80 AuthResult VerifyCredentials(const AuthResponse& response,
74 const std::string& signature_input); 81 const std::string& signature_input);
75 82
83 // Exposed for testing only.
84 //
85 // Overloaded version of VerifyCredentials that allows modifying
86 // the crl policy, trust stores, and verification times.
87 AuthResult VerifyCredentialsForTest(
88 const AuthResponse& response,
89 const std::string& signature_input,
90 const cast_certificate::CRLPolicy& crl_policy,
91 net::TrustStore* cast_trust_store,
92 net::TrustStore* crl_trust_store,
93 const base::Time& verification_time);
94
76 } // namespace cast_channel 95 } // namespace cast_channel
77 } // namespace api 96 } // namespace api
78 } // namespace extensions 97 } // namespace extensions
79 98
80 #endif // EXTENSIONS_BROWSER_API_CAST_CHANNEL_CAST_AUTH_UTIL_H_ 99 #endif // EXTENSIONS_BROWSER_API_CAST_CHANNEL_CAST_AUTH_UTIL_H_
OLDNEW
« no previous file with comments | « extensions/browser/BUILD.gn ('k') | extensions/browser/api/cast_channel/cast_auth_util.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698