Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(66)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/quic/crypto/proof_verifier_chromium.cc

Issue 309013006: Add quic_types.h and move the typedefs unrelated to the QUIC protocol (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/quic/crypto/proof_verifier_chromium.h ('k') | net/quic/quic_connection.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/quic/crypto/proof_verifier_chromium.h" 5 #include "net/quic/crypto/proof_verifier_chromium.h"
6 6
7 #include "base/bind.h" 7 #include "base/bind.h"
8 #include "base/bind_helpers.h" 8 #include "base/bind_helpers.h"
9 #include "base/callback_helpers.h" 9 #include "base/callback_helpers.h"
10 #include "base/compiler_specific.h" 10 #include "base/compiler_specific.h"
(...skipping 24 matching lines...) Expand all
35 // ProofVerifier. If the verification can not complete synchronously, it 35 // ProofVerifier. If the verification can not complete synchronously, it
36 // will notify the ProofVerifier upon completion. 36 // will notify the ProofVerifier upon completion.
37 class ProofVerifierChromium::Job { 37 class ProofVerifierChromium::Job {
38 public: 38 public:
39 Job(ProofVerifierChromium* proof_verifier, 39 Job(ProofVerifierChromium* proof_verifier,
40 CertVerifier* cert_verifier, 40 CertVerifier* cert_verifier,
41 const BoundNetLog& net_log); 41 const BoundNetLog& net_log);
42 42
43 // Starts the proof verification. If |PENDING| is returned, then |callback| 43 // Starts the proof verification. If |PENDING| is returned, then |callback|
44 // will be invoked asynchronously when the verification completes. 44 // will be invoked asynchronously when the verification completes.
45 Status VerifyProof(const std::string& hostname, 45 QuicAsyncStatus VerifyProof(const std::string& hostname,
46 const std::string& server_config, 46 const std::string& server_config,
47 const std::vector<std::string>& certs, 47 const std::vector<std::string>& certs,
48 const std::string& signature, 48 const std::string& signature,
49 std::string* error_details, 49 std::string* error_details,
50 scoped_ptr<ProofVerifyDetails>* verify_details, 50 scoped_ptr<ProofVerifyDetails>* verify_details,
51 ProofVerifierCallback* callback); 51 ProofVerifierCallback* callback);
52 52
53 private: 53 private:
54 enum State { 54 enum State {
55 STATE_NONE, 55 STATE_NONE,
56 STATE_VERIFY_CERT, 56 STATE_VERIFY_CERT,
57 STATE_VERIFY_CERT_COMPLETE, 57 STATE_VERIFY_CERT_COMPLETE,
58 }; 58 };
59 59
60 int DoLoop(int last_io_result); 60 int DoLoop(int last_io_result);
61 void OnIOComplete(int result); 61 void OnIOComplete(int result);
(...skipping 29 matching lines...) Expand all
91 91
92 ProofVerifierChromium::Job::Job(ProofVerifierChromium* proof_verifier, 92 ProofVerifierChromium::Job::Job(ProofVerifierChromium* proof_verifier,
93 CertVerifier* cert_verifier, 93 CertVerifier* cert_verifier,
94 const BoundNetLog& net_log) 94 const BoundNetLog& net_log)
95 : proof_verifier_(proof_verifier), 95 : proof_verifier_(proof_verifier),
96 verifier_(new SingleRequestCertVerifier(cert_verifier)), 96 verifier_(new SingleRequestCertVerifier(cert_verifier)),
97 next_state_(STATE_NONE), 97 next_state_(STATE_NONE),
98 net_log_(net_log) { 98 net_log_(net_log) {
99 } 99 }
100 100
101 ProofVerifierChromium::Status ProofVerifierChromium::Job::VerifyProof( 101 QuicAsyncStatus ProofVerifierChromium::Job::VerifyProof(
102 const string& hostname, 102 const string& hostname,
103 const string& server_config, 103 const string& server_config,
104 const vector<string>& certs, 104 const vector<string>& certs,
105 const string& signature, 105 const string& signature,
106 std::string* error_details, 106 std::string* error_details,
107 scoped_ptr<ProofVerifyDetails>* verify_details, 107 scoped_ptr<ProofVerifyDetails>* verify_details,
108 ProofVerifierCallback* callback) { 108 ProofVerifierCallback* callback) {
109 DCHECK(error_details); 109 DCHECK(error_details);
110 DCHECK(verify_details); 110 DCHECK(verify_details);
111 DCHECK(callback); 111 DCHECK(callback);
112 112
113 error_details->clear(); 113 error_details->clear();
114 114
115 if (STATE_NONE != next_state_) { 115 if (STATE_NONE != next_state_) {
116 *error_details = "Certificate is already set and VerifyProof has begun"; 116 *error_details = "Certificate is already set and VerifyProof has begun";
117 DLOG(DFATAL) << *error_details; 117 DLOG(DFATAL) << *error_details;
118 return FAILURE; 118 return QUIC_FAILURE;
119 } 119 }
120 120
121 verify_details_.reset(new ProofVerifyDetailsChromium); 121 verify_details_.reset(new ProofVerifyDetailsChromium);
122 122
123 if (certs.empty()) { 123 if (certs.empty()) {
124 *error_details = "Failed to create certificate chain. Certs are empty."; 124 *error_details = "Failed to create certificate chain. Certs are empty.";
125 DLOG(WARNING) << *error_details; 125 DLOG(WARNING) << *error_details;
126 verify_details_->cert_verify_result.cert_status = CERT_STATUS_INVALID; 126 verify_details_->cert_verify_result.cert_status = CERT_STATUS_INVALID;
127 verify_details->reset(verify_details_.release()); 127 verify_details->reset(verify_details_.release());
128 return FAILURE; 128 return QUIC_FAILURE;
129 } 129 }
130 130
131 // Convert certs to X509Certificate. 131 // Convert certs to X509Certificate.
132 vector<StringPiece> cert_pieces(certs.size()); 132 vector<StringPiece> cert_pieces(certs.size());
133 for (unsigned i = 0; i < certs.size(); i++) { 133 for (unsigned i = 0; i < certs.size(); i++) {
134 cert_pieces[i] = base::StringPiece(certs[i]); 134 cert_pieces[i] = base::StringPiece(certs[i]);
135 } 135 }
136 cert_ = X509Certificate::CreateFromDERCertChain(cert_pieces); 136 cert_ = X509Certificate::CreateFromDERCertChain(cert_pieces);
137 if (!cert_.get()) { 137 if (!cert_.get()) {
138 *error_details = "Failed to create certificate chain"; 138 *error_details = "Failed to create certificate chain";
139 DLOG(WARNING) << *error_details; 139 DLOG(WARNING) << *error_details;
140 verify_details_->cert_verify_result.cert_status = CERT_STATUS_INVALID; 140 verify_details_->cert_verify_result.cert_status = CERT_STATUS_INVALID;
141 verify_details->reset(verify_details_.release()); 141 verify_details->reset(verify_details_.release());
142 return FAILURE; 142 return QUIC_FAILURE;
143 } 143 }
144 144
145 // We call VerifySignature first to avoid copying of server_config and 145 // We call VerifySignature first to avoid copying of server_config and
146 // signature. 146 // signature.
147 if (!VerifySignature(server_config, signature, certs[0])) { 147 if (!VerifySignature(server_config, signature, certs[0])) {
148 *error_details = "Failed to verify signature of server config"; 148 *error_details = "Failed to verify signature of server config";
149 DLOG(WARNING) << *error_details; 149 DLOG(WARNING) << *error_details;
150 verify_details_->cert_verify_result.cert_status = CERT_STATUS_INVALID; 150 verify_details_->cert_verify_result.cert_status = CERT_STATUS_INVALID;
151 verify_details->reset(verify_details_.release()); 151 verify_details->reset(verify_details_.release());
152 return FAILURE; 152 return QUIC_FAILURE;
153 } 153 }
154 154
155 hostname_ = hostname; 155 hostname_ = hostname;
156 156
157 next_state_ = STATE_VERIFY_CERT; 157 next_state_ = STATE_VERIFY_CERT;
158 switch (DoLoop(OK)) { 158 switch (DoLoop(OK)) {
159 case OK: 159 case OK:
160 verify_details->reset(verify_details_.release()); 160 verify_details->reset(verify_details_.release());
161 return SUCCESS; 161 return QUIC_SUCCESS;
162 case ERR_IO_PENDING: 162 case ERR_IO_PENDING:
163 callback_.reset(callback); 163 callback_.reset(callback);
164 return PENDING; 164 return QUIC_PENDING;
165 default: 165 default:
166 *error_details = error_details_; 166 *error_details = error_details_;
167 verify_details->reset(verify_details_.release()); 167 verify_details->reset(verify_details_.release());
168 return FAILURE; 168 return QUIC_FAILURE;
169 } 169 }
170 } 170 }
171 171
172 int ProofVerifierChromium::Job::DoLoop(int last_result) { 172 int ProofVerifierChromium::Job::DoLoop(int last_result) {
173 int rv = last_result; 173 int rv = last_result;
174 do { 174 do {
175 State state = next_state_; 175 State state = next_state_;
176 next_state_ = STATE_NONE; 176 next_state_ = STATE_NONE;
177 switch (state) { 177 switch (state) {
178 case STATE_VERIFY_CERT: 178 case STATE_VERIFY_CERT:
(...skipping 131 matching lines...) Expand 10 before | Expand all | Expand 10 after
310 return true; 310 return true;
311 } 311 }
312 312
313 ProofVerifierChromium::ProofVerifierChromium(CertVerifier* cert_verifier) 313 ProofVerifierChromium::ProofVerifierChromium(CertVerifier* cert_verifier)
314 : cert_verifier_(cert_verifier) {} 314 : cert_verifier_(cert_verifier) {}
315 315
316 ProofVerifierChromium::~ProofVerifierChromium() { 316 ProofVerifierChromium::~ProofVerifierChromium() {
317 STLDeleteElements(&active_jobs_); 317 STLDeleteElements(&active_jobs_);
318 } 318 }
319 319
320 ProofVerifierChromium::Status ProofVerifierChromium::VerifyProof( 320 QuicAsyncStatus ProofVerifierChromium::VerifyProof(
321 const std::string& hostname, 321 const std::string& hostname,
322 const std::string& server_config, 322 const std::string& server_config,
323 const std::vector<std::string>& certs, 323 const std::vector<std::string>& certs,
324 const std::string& signature, 324 const std::string& signature,
325 const ProofVerifyContext* verify_context, 325 const ProofVerifyContext* verify_context,
326 std::string* error_details, 326 std::string* error_details,
327 scoped_ptr<ProofVerifyDetails>* verify_details, 327 scoped_ptr<ProofVerifyDetails>* verify_details,
328 ProofVerifierCallback* callback) { 328 ProofVerifierCallback* callback) {
329 if (!verify_context) { 329 if (!verify_context) {
330 *error_details = "Missing context"; 330 *error_details = "Missing context";
331 return FAILURE; 331 return QUIC_FAILURE;
332 } 332 }
333 const ProofVerifyContextChromium* chromium_context = 333 const ProofVerifyContextChromium* chromium_context =
334 reinterpret_cast<const ProofVerifyContextChromium*>(verify_context); 334 reinterpret_cast<const ProofVerifyContextChromium*>(verify_context);
335 scoped_ptr<Job> job(new Job(this, cert_verifier_, chromium_context->net_log)); 335 scoped_ptr<Job> job(new Job(this, cert_verifier_, chromium_context->net_log));
336 Status status = job->VerifyProof(hostname, server_config, certs, signature, 336 QuicAsyncStatus status = job->VerifyProof(hostname, server_config, certs,
337 error_details, verify_details, callback); 337 signature, error_details,
338 if (status == PENDING) { 338 verify_details, callback);
339 if (status == QUIC_PENDING) {
339 active_jobs_.insert(job.release()); 340 active_jobs_.insert(job.release());
340 } 341 }
341 return status; 342 return status;
342 } 343 }
343 344
344 void ProofVerifierChromium::OnJobComplete(Job* job) { 345 void ProofVerifierChromium::OnJobComplete(Job* job) {
345 active_jobs_.erase(job); 346 active_jobs_.erase(job);
346 delete job; 347 delete job;
347 } 348 }
348 349
349 } // namespace net 350 } // namespace net
OLDNEW
« no previous file with comments | « net/quic/crypto/proof_verifier_chromium.h ('k') | net/quic/quic_connection.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698