OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
6 #define NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
7 | 7 |
8 #include <stdint.h> | 8 #include <stdint.h> |
9 | 9 |
10 #include <string> | 10 #include <string> |
11 | 11 |
12 #include "base/gtest_prod_util.h" | 12 #include "base/gtest_prod_util.h" |
13 #include "base/strings/string_piece.h" | 13 #include "base/strings/string_piece.h" |
14 #include "net/base/completion_callback.h" | 14 #include "net/base/completion_callback.h" |
15 #include "net/base/load_flags.h" | 15 #include "net/base/load_flags.h" |
16 #include "net/base/net_errors.h" | 16 #include "net/base/net_errors.h" |
17 #include "net/socket/ssl_socket.h" | 17 #include "net/socket/ssl_socket.h" |
18 #include "net/socket/stream_socket.h" | 18 #include "net/socket/stream_socket.h" |
| 19 #include "net/ssl/token_binding.h" |
19 | 20 |
20 namespace base { | 21 namespace base { |
21 class FilePath; | 22 class FilePath; |
22 class SequencedTaskRunner; | 23 class SequencedTaskRunner; |
23 } | 24 } |
24 | 25 |
25 namespace crypto { | 26 namespace crypto { |
26 class ECPrivateKey; | 27 class ECPrivateKey; |
27 } | 28 } |
28 | 29 |
(...skipping 72 matching lines...)
101 static bool IgnoreCertError(int error, int load_flags); | 102 static bool IgnoreCertError(int error, int load_flags); |
102 | 103 |
103 // ClearSessionCache clears the SSL session cache, used to resume SSL | 104 // ClearSessionCache clears the SSL session cache, used to resume SSL |
104 // sessions. | 105 // sessions. |
105 static void ClearSessionCache(); | 106 static void ClearSessionCache(); |
106 | 107 |
107 // Returns the ChannelIDService used by this socket, or NULL if | 108 // Returns the ChannelIDService used by this socket, or NULL if |
108 // channel ids are not supported. | 109 // channel ids are not supported. |
109 virtual ChannelIDService* GetChannelIDService() const = 0; | 110 virtual ChannelIDService* GetChannelIDService() const = 0; |
110 | 111 |
111 // Signs the EKM value for Token Binding with |*key| and puts it in |*out|. | 112 // Generates the signature used in Token Binding using key |*key| and for a |
112 // Returns a net error code. | 113 // Token Binding of type |tb_type|, putting the signature in |*out|. Returns a |
113 virtual Error GetSignedEKMForTokenBinding(crypto::ECPrivateKey* key, | 114 // net error code. |
114 std::vector<uint8_t>* out) = 0; | 115 virtual Error GetTokenBindingSignature(crypto::ECPrivateKey* key, |
| 116 TokenBindingType tb_type, |
| 117 std::vector<uint8_t>* out) = 0; |
115 | 118 |
116 // This method is only for debugging crbug.com/548423 and will be removed when | 119 // This method is only for debugging crbug.com/548423 and will be removed when |
117 // that bug is closed. This returns the channel ID key that was used when | 120 // that bug is closed. This returns the channel ID key that was used when |
118 // establishing the connection (or NULL if no channel ID was used). | 121 // establishing the connection (or NULL if no channel ID was used). |
119 virtual crypto::ECPrivateKey* GetChannelIDKey() const = 0; | 122 virtual crypto::ECPrivateKey* GetChannelIDKey() const = 0; |
120 | 123 |
121 // Returns true if the CECPQ1 (experimental post-quantum) experiment is | 124 // Returns true if the CECPQ1 (experimental post-quantum) experiment is |
122 // enabled. This should be removed after the experiment is ended, around | 125 // enabled. This should be removed after the experiment is ended, around |
123 // 2017-18. | 126 // 2017-18. |
124 static bool IsPostQuantumExperimentEnabled(); | 127 static bool IsPostQuantumExperimentEnabled(); |
(...skipping 27 matching lines...)
152 | 155 |
153 // True if SCTs were received via a TLS extension. | 156 // True if SCTs were received via a TLS extension. |
154 bool signed_cert_timestamps_received_; | 157 bool signed_cert_timestamps_received_; |
155 // True if a stapled OCSP response was received. | 158 // True if a stapled OCSP response was received. |
156 bool stapled_ocsp_response_received_; | 159 bool stapled_ocsp_response_received_; |
157 }; | 160 }; |
158 | 161 |
159 } // namespace net | 162 } // namespace net |
160 | 163 |
161 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_H_ | 164 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_H_ |
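Review bot: The rewritten comment on GetTokenBindingSignature (new lines 112-114) no longer says what data is signed or when the call is valid, whereas the old comment at least named the EKM. Since the signature is what ties a token to this TLS connection, the contract should state the signed input and preconditions, for example `// Signs the Token Binding input for |tb_type| (derived from this connection's EKM) with |*key|.` followed by `// Must be called only after the handshake has completed; on any error |*out| must not be sent.` The wording needs confirming against the implementations, which are not visible in this section. It would also help to say whether |tb_type| is covered by the signature, since that is presumably what prevents a signature made for one binding type from being accepted as another. Separately, the declaration uses `std::vector<uint8_t>` while the visible include block has `<string>` but no `<vector>`; if it only arrives transitively, adding `#include <vector>` would make the header self-contained.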