Refactoring output of ProofSource::GetProof (no functional changes).

net/quic/core/crypto/quic_crypto_server_config.h

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_QUIC_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_
 #define NET_QUIC_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_
 
 #include <stddef.h>
 #include <stdint.h>
 
@@ skipping 25 matching lines @@
 class EphemeralKeySource;
 class KeyExchange;
 class ProofSource;
 class QuicClock;
 class QuicDecrypter;
 class QuicEncrypter;
 class QuicRandom;
 class QuicServerConfigProtobuf;
 class StrikeRegister;
 class StrikeRegisterClient;
-struct QuicCryptoProof;
+struct QuicSignedServerConfig;
 
 // ClientHelloInfo contains information about a client hello message that is
 // only kept for as long as it's being processed.
 struct ClientHelloInfo {
   ClientHelloInfo(const IPAddress& in_client_ip, QuicWallTime in_now);
   ClientHelloInfo(const ClientHelloInfo& other);
   ~ClientHelloInfo();
 
   // Inputs to EvaluateClientHello.
   const IPAddress client_ip;
@@ skipping 217 matching lines @@
   //     ValidatedClientHelloMsg token that holds information about
   //     the client hello.  The callback will always be called exactly
   //     once, either under the current call stack, or after the
   //     completion of an asynchronous operation.
   void ValidateClientHello(
       const CryptoHandshakeMessage& client_hello,
       const IPAddress& client_ip,
       const IPAddress& server_ip,
       QuicVersion version,
       const QuicClock* clock,
-      scoped_refptr<QuicCryptoProof> crypto_proof,
+      scoped_refptr<QuicSignedServerConfig> crypto_proof,
       std::unique_ptr<ValidateClientHelloResultCallback> done_cb) const;
 
   // ProcessClientHello processes |client_hello| and decides whether to accept
   // or reject the connection. If the connection is to be accepted, |done_cb| is
   // invoked with the contents of the ServerHello and QUIC_NO_ERROR. Otherwise
   // |done_cb| is called with a REJ or SREJ message and QUIC_NO_ERROR.
   //
   // validate_chlo_result: Output from the asynchronous call to
   //     ValidateClientHello.  Contains the client hello message and
   //     information about it.
@@ skipping 26 matching lines @@
       const IPAddress& server_ip,
       const IPEndPoint& client_address,
       QuicVersion version,
       const QuicVersionVector& supported_versions,
       bool use_stateless_rejects,
       QuicConnectionId server_designated_connection_id,
       const QuicClock* clock,
       QuicRandom* rand,
       QuicCompressedCertsCache* compressed_certs_cache,
       scoped_refptr<QuicCryptoNegotiatedParameters> params,
-      scoped_refptr<QuicCryptoProof> crypto_proof,
+      scoped_refptr<QuicSignedServerConfig> crypto_proof,
       QuicByteCount total_framing_overhead,
       QuicByteCount chlo_packet_size,
       std::unique_ptr<ProcessClientHelloResultCallback> done_cb) const;
 
   // BuildServerConfigUpdateMessage sets |out| to be a SCUP message containing
   // the current primary config, an up to date source-address token, and cert
   // chain and proof in the case of secure QUIC. Returns true if successfully
   // filled |out|.
   //
   // |cached_network_params| is optional, and can be nullptr.
@@ skipping 112 matching lines @@
   int NumberOfConfigs() const;
 
   // Callers retain the ownership of |rejection_observer| which must outlive the
   // config.
   void set_rejection_observer(RejectionObserver* rejection_observer) {
     rejection_observer_ = rejection_observer;
   }
 
  private:
   friend class test::QuicCryptoServerConfigPeer;
-  friend struct QuicCryptoProof;
+  friend struct QuicSignedServerConfig;
 
   // Config represents a server config: a collection of preferences and
   // Diffie-Hellman public values.
   class NET_EXPORT_PRIVATE Config : public QuicCryptoConfig,
                                     public base::RefCounted<Config> {
    public:
     Config();
 
     // TODO(rtenneti): since this is a class, we should probably do
     // getters/setters here.
@@ skipping 70 matching lines @@
   void SelectNewPrimaryConfig(QuicWallTime now) const;
 
   // EvaluateClientHello checks |client_hello| for gross errors and determines
   // whether it can be shown to be fresh (i.e. not a replay). The results are
   // written to |info|.
   void EvaluateClientHello(
       const IPAddress& server_ip,
       QuicVersion version,
       scoped_refptr<Config> requested_config,
       scoped_refptr<Config> primary_config,
-      scoped_refptr<QuicCryptoProof> crypto_proof,
+      scoped_refptr<QuicSignedServerConfig> crypto_proof,
       scoped_refptr<ValidateClientHelloResultCallback::Result>
           client_hello_state,
       std::unique_ptr<ValidateClientHelloResultCallback> done_cb) const;
 
   // Callback class for bridging between EvaluateClientHello and
   // EvaluateClientHelloAfterGetProof.
   class EvaluateClientHelloCallback;
   friend class EvaluateClientHelloCallback;
 
   // Continuation of EvaluateClientHello after the call to
   // ProofSource::GetProof.  |found_error| indicates whether an error was
   // detected in EvaluateClientHello, and |get_proof_failed| indicates whether
   // GetProof failed.  If GetProof was not run, then |get_proof_failed| will be
   // set to false.
   void EvaluateClientHelloAfterGetProof(
       bool found_error,
       const IPAddress& server_ip,
       QuicVersion version,
       scoped_refptr<Config> requested_config,
       scoped_refptr<Config> primary_config,
-      scoped_refptr<QuicCryptoProof> crypto_proof,
+      scoped_refptr<QuicSignedServerConfig> crypto_proof,
       std::unique_ptr<ProofSource::Details> proof_source_details,
       bool get_proof_failed,
       scoped_refptr<ValidateClientHelloResultCallback::Result>
           client_hello_state,
       std::unique_ptr<ValidateClientHelloResultCallback> done_cb) const;
 
   // Callback class for bridging between ProcessClientHello and
   // ProcessClientHelloAfterGetProof.
   class ProcessClientHelloCallback;
   friend class ProcessClientHelloCallback;
 
   // Portion of ProcessClientHello which executes after GetProof.
   void ProcessClientHelloAfterGetProof(
       bool found_error,
       std::unique_ptr<ProofSource::Details> proof_source_details,
       const ValidateClientHelloResultCallback::Result& validate_chlo_result,
       bool reject_only,
       QuicConnectionId connection_id,
       const IPEndPoint& client_address,
       QuicVersion version,
       const QuicVersionVector& supported_versions,
       bool use_stateless_rejects,
       QuicConnectionId server_designated_connection_id,
       const QuicClock* clock,
       QuicRandom* rand,
       QuicCompressedCertsCache* compressed_certs_cache,
       scoped_refptr<QuicCryptoNegotiatedParameters> params,
-      scoped_refptr<QuicCryptoProof> crypto_proof,
+      scoped_refptr<QuicSignedServerConfig> crypto_proof,
       QuicByteCount total_framing_overhead,
       QuicByteCount chlo_packet_size,
       const scoped_refptr<Config>& requested_config,
       const scoped_refptr<Config>& primary_config,
       std::unique_ptr<ProcessClientHelloResultCallback> done_cb) const;
 
   // BuildRejection sets |out| to be a REJ message in reply to |client_hello|.
   void BuildRejection(QuicVersion version,
                       QuicWallTime now,
                       const Config& config,
                       const CryptoHandshakeMessage& client_hello,
                       const ClientHelloInfo& info,
                       const CachedNetworkParameters& cached_network_params,
                       bool use_stateless_rejects,
                       QuicConnectionId server_designated_connection_id,
                       QuicRandom* rand,
                       QuicCompressedCertsCache* compressed_certs_cache,
                       scoped_refptr<QuicCryptoNegotiatedParameters> params,
-                      const QuicCryptoProof& crypto_proof,
+                      const QuicSignedServerConfig& crypto_proof,
                       QuicByteCount total_framing_overhead,
                       QuicByteCount chlo_packet_size,
                       CryptoHandshakeMessage* out) const;
 
   // CompressChain compresses the certificates in |chain->certs| and returns a
   // compressed representation. |common_sets| contains the common certificate
   // sets known locally and |client_common_set_hashes| contains the hashes of
   // the common sets known to the peer. |client_cached_cert_hashes| contains
   // 64-bit, FNV-1a hashes of certificates that the peer already possesses.
   static std::string CompressChain(
@@ skipping 68 matching lines @@
       QuicWallTime now) const;
 
   // ValidateExpectedLeafCertificate checks the |client_hello| to see if it has
   // an XLCT tag, and if so, verifies that its value matches the hash of the
   // server's leaf certificate. The certs field of |crypto_proof| is used to
   // compare against the XLCT value.  This method returns true if the XLCT tag
   // is not present, or if the XLCT tag is present and valid. It returns false
   // otherwise.
   bool ValidateExpectedLeafCertificate(
       const CryptoHandshakeMessage& client_hello,
-      const QuicCryptoProof& crypto_proof) const;
+      const QuicSignedServerConfig& crypto_proof) const;
 
   // Returns true if the PDMD field from the client hello demands an X509
   // certificate.
   bool ClientDemandsX509Proof(const CryptoHandshakeMessage& client_hello) const;
 
   // Callback to receive the results of ProofSource::GetProof.  Note: this
   // callback has no cancellation support, since the lifetime of the ProofSource
   // is controlled by this object via unique ownership.  If that ownership
   // stricture changes, this decision may need to be revisited.
   class BuildServerConfigUpdateMessageProofSourceCallback
       : public ProofSource::Callback {
    public:
     BuildServerConfigUpdateMessageProofSourceCallback(
         const BuildServerConfigUpdateMessageProofSourceCallback&) = delete;
     ~BuildServerConfigUpdateMessageProofSourceCallback() override;
     void operator=(const BuildServerConfigUpdateMessageProofSourceCallback&) =
         delete;
     BuildServerConfigUpdateMessageProofSourceCallback(
         const QuicCryptoServerConfig* config,
         QuicVersion version,
         QuicCompressedCertsCache* compressed_certs_cache,
         const CommonCertSets* common_cert_sets,
         const QuicCryptoNegotiatedParameters& params,
         CryptoHandshakeMessage message,
         std::unique_ptr<BuildServerConfigUpdateMessageResultCallback> cb);
 
     void Run(bool ok,
              const scoped_refptr<ProofSource::Chain>& chain,
-             const std::string& signature,
-             const std::string& leaf_cert_sct,
+             const QuicCryptoProof& proof,
              std::unique_ptr<ProofSource::Details> details) override;
 
    private:
     const QuicCryptoServerConfig* config_;
     const QuicVersion version_;
     QuicCompressedCertsCache* compressed_certs_cache_;
     const CommonCertSets* common_cert_sets_;
     const std::string client_common_set_hashes_;
     const std::string client_cached_cert_hashes_;
     const bool sct_supported_by_client_;
@@ skipping 89 matching lines @@
 
   // Enable serving SCT or not.
   bool enable_serving_sct_;
 
   // Does not own this observer.
   RejectionObserver* rejection_observer_;
 
   DISALLOW_COPY_AND_ASSIGN(QuicCryptoServerConfig);
 };
 
-struct NET_EXPORT_PRIVATE QuicCryptoProof
-    : public base::RefCounted<QuicCryptoProof> {
-  QuicCryptoProof();
+struct NET_EXPORT_PRIVATE QuicSignedServerConfig
+    : public base::RefCounted<QuicSignedServerConfig> {
+  QuicSignedServerConfig();
 
+  // TODO(eranm): Have a QuicCryptoProof field instead of signature, cert_sct.
   std::string signature;
   scoped_refptr<ProofSource::Chain> chain;
   std::string cert_sct;
   // The server config that is used for this proof (and the rest of the
   // request).
   scoped_refptr<QuicCryptoServerConfig::Config> config;
   std::string primary_scid;
 
  private:
-  friend class base::RefCounted<QuicCryptoProof>;
-  virtual ~QuicCryptoProof();
+  friend class base::RefCounted<QuicSignedServerConfig>;
+  virtual ~QuicSignedServerConfig();
 };
 
 }  // namespace net
 
 #endif  // NET_QUIC_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_