Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(292)

Side by Side Diff: net/quic/crypto/proof_source.h

Issue 992733002: Remove //net (except for Android test stuff) and sdch (Closed) Base URL: git@github.com:domokit/mojo.git@master
Patch Set: Created 5 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/quic/crypto/p256_key_exchange_test.cc ('k') | net/quic/crypto/proof_source_chromium.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #ifndef NET_QUIC_CRYPTO_PROOF_SOURCE_H_
6 #define NET_QUIC_CRYPTO_PROOF_SOURCE_H_
7
8 #include <string>
9 #include <vector>
10
11 #include "net/base/ip_endpoint.h"
12 #include "net/base/net_export.h"
13
14 namespace net {
15
16 // ProofSource is an interface by which a QUIC server can obtain certificate
17 // chains and signatures that prove its identity.
18 class NET_EXPORT_PRIVATE ProofSource {
19 public:
20 virtual ~ProofSource() {}
21
22 // GetProof finds a certificate chain for |hostname|, sets |out_certs| to
23 // point to it (in leaf-first order), calculates a signature of
24 // |server_config| using that chain and puts the result in |out_signature|.
25 //
26 // The signature uses SHA-256 as the hash function and PSS padding when the
27 // key is RSA.
28 //
29 // The signature uses SHA-256 as the hash function when the key is ECDSA.
30 //
31 // If |ecdsa_ok| is true, the signature may use an ECDSA key. Otherwise, the
32 // signature must use an RSA key.
33 //
34 // |out_certs| is a pointer to a pointer, not a pointer to an array.
35 //
36 // The number of certificate chains is expected to be small and fixed thus
37 // the ProofSource retains ownership of the contents of |out_certs|. The
38 // expectation is that they will be cached forever.
39 //
40 // The signature values should be cached because |server_config| will be
41 // somewhat static. However, since they aren't bounded, the ProofSource may
42 // wish to evicit entries from that cache, thus the caller takes ownership of
43 // |*out_signature|.
44 //
45 // |hostname| may be empty to signify that a default certificate should be
46 // used.
47 //
48 // This function may be called concurrently.
49 virtual bool GetProof(const IPEndPoint& server_ip,
50 const std::string& hostname,
51 const std::string& server_config,
52 bool ecdsa_ok,
53 const std::vector<std::string>** out_certs,
54 std::string* out_signature) = 0;
55 };
56
57 } // namespace net
58
59 #endif // NET_QUIC_CRYPTO_PROOF_SOURCE_H_
OLDNEW
« no previous file with comments | « net/quic/crypto/p256_key_exchange_test.cc ('k') | net/quic/crypto/proof_source_chromium.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698