OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
6 #define NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
7 | 7 |
8 #include <stdint.h> | 8 #include <stdint.h> |
9 | 9 |
10 #include <string> | 10 #include <string> |
11 | 11 |
12 #include "base/gtest_prod_util.h" | 12 #include "base/gtest_prod_util.h" |
13 #include "base/strings/string_piece.h" | 13 #include "base/strings/string_piece.h" |
14 #include "net/base/completion_callback.h" | 14 #include "net/base/completion_callback.h" |
15 #include "net/base/load_flags.h" | 15 #include "net/base/load_flags.h" |
16 #include "net/base/net_errors.h" | 16 #include "net/base/net_errors.h" |
17 #include "net/socket/ssl_socket.h" | 17 #include "net/socket/ssl_socket.h" |
18 #include "net/socket/stream_socket.h" | 18 #include "net/socket/stream_socket.h" |
| 19 #include "net/ssl/token_binding.h" |
19 | 20 |
20 namespace base { | 21 namespace base { |
21 class FilePath; | 22 class FilePath; |
22 class SequencedTaskRunner; | 23 class SequencedTaskRunner; |
23 } | 24 } |
24 | 25 |
25 namespace crypto { | 26 namespace crypto { |
26 class ECPrivateKey; | 27 class ECPrivateKey; |
27 } | 28 } |
28 | 29 |
122 static bool IgnoreCertError(int error, int load_flags); | 123 static bool IgnoreCertError(int error, int load_flags); |
123 | 124 |
124 // ClearSessionCache clears the SSL session cache, used to resume SSL | 125 // ClearSessionCache clears the SSL session cache, used to resume SSL |
125 // sessions. | 126 // sessions. |
126 static void ClearSessionCache(); | 127 static void ClearSessionCache(); |
127 | 128 |
128 // Returns the ChannelIDService used by this socket, or NULL if | 129 // Returns the ChannelIDService used by this socket, or NULL if |
129 // channel ids are not supported. | 130 // channel ids are not supported. |
130 virtual ChannelIDService* GetChannelIDService() const = 0; | 131 virtual ChannelIDService* GetChannelIDService() const = 0; |
131 | 132 |
132 // Signs the EKM value for Token Binding with |*key| and puts it in |*out|. | 133 // Generates the signature used in Token Binding using key |*key| and for a |
133 // Returns a net error code. | 134 // Token Binding of type |tb_type|, putting the signature in |*out|. Returns a |
134 virtual Error GetSignedEKMForTokenBinding(crypto::ECPrivateKey* key, | 135 // net error code. |
135 std::vector<uint8_t>* out) = 0; | 136 virtual Error GetTokenBindingSignature(crypto::ECPrivateKey* key, |
| 137 TokenBindingType tb_type, |
| 138 std::vector<uint8_t>* out) = 0; |
136 | 139 |
137 // This method is only for debugging crbug.com/548423 and will be removed when | 140 // This method is only for debugging crbug.com/548423 and will be removed when |
138 // that bug is closed. This returns the channel ID key that was used when | 141 // that bug is closed. This returns the channel ID key that was used when |
139 // establishing the connection (or NULL if no channel ID was used). | 142 // establishing the connection (or NULL if no channel ID was used). |
140 virtual crypto::ECPrivateKey* GetChannelIDKey() const = 0; | 143 virtual crypto::ECPrivateKey* GetChannelIDKey() const = 0; |
141 | 144 |
142 // Returns true if the CECPQ1 (experimental post-quantum) experiment is | 145 // Returns true if the CECPQ1 (experimental post-quantum) experiment is |
143 // enabled. This should be removed after the experiment is ended, around | 146 // enabled. This should be removed after the experiment is ended, around |
144 // 2017-18. | 147 // 2017-18. |
145 static bool IsPostQuantumExperimentEnabled(); | 148 static bool IsPostQuantumExperimentEnabled(); |
173 | 176 |
174 // True if SCTs were received via a TLS extension. | 177 // True if SCTs were received via a TLS extension. |
175 bool signed_cert_timestamps_received_; | 178 bool signed_cert_timestamps_received_; |
176 // True if a stapled OCSP response was received. | 179 // True if a stapled OCSP response was received. |
177 bool stapled_ocsp_response_received_; | 180 bool stapled_ocsp_response_received_; |
178 }; | 181 }; |
179 | 182 |
180 } // namespace net | 183 } // namespace net |
181 | 184 |
182 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 185 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
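Review bot: The rewritten comment on GetTokenBindingSignature (new lines 133-135) drops the old statement that the EKM value is what gets signed, so the header no longer says what the signature covers or how |tb_type| enters into it. If, as the old text and the new parameter suggest, the signed data is derived from this connection's EKM together with |tb_type|, the comment should say so, e.g. `// The signed data covers |tb_type| and this connection's EKM, so the signature is only valid for this connection and binding type.` It would also help to state when the call is valid (presumably only after a handshake that negotiated Token Binding) and whether `|*out|` is touched when an error is returned; neither is visible here, so confirm against the implementations. Separately, the declaration uses `std::vector<uint8_t>` but the visible include block (new lines 8-19) has no `<vector>`, so it presumably arrives transitively; adding `#include <vector>` would keep the header self-contained.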