1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_
6 #define NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_
7 
8 #include <string>
9 #include <vector>
10 
11 #include "base/basictypes.h"
12 #include "base/compiler_specific.h"
13 #include "base/memory/scoped_ptr.h"
14 #include "net/base/completion_callback.h"
15 #include "net/base/net_export.h"
16 #include "net/base/net_log.h"
17 #include "net/cert/cert_verify_result.h"
18 #include "net/cert/x509_certificate.h"
19 #include "net/quic/crypto/proof_verifier.h"
20 
21 namespace net {
22 
// Forward declarations: this header refers to these types only through a raw
// pointer (CertVerifier*) and a scoped_ptr (SingleRequestCertVerifier).
class CertVerifier;
class SingleRequestCertVerifier;
25 
// Implementation-specific details that a ProofVerifierChromium reports about
// a certificate verification, exposed through the generic ProofVerifyDetails
// base type.
struct ProofVerifyDetailsChromium : ProofVerifyDetails {
  // Result of the certificate verification.
  CertVerifyResult cert_verify_result;
};
32 
// ProofVerifierChromium implements the QUIC ProofVerifier interface.
//
// The declarations below show two separate checks: a certificate-verification
// step in the state machine (STATE_VERIFY_CERT / STATE_VERIFY_CERT_COMPLETE)
// and a VerifySignature() helper. How the two are combined into the final
// Status is decided in the .cc file, which is not visible from this header.
//
// Per-request state (|hostname_|, |callback_|, |verify_details_|,
// |error_details_|, |cert_|, |next_state_|) is held in single-valued members,
// and the TODO below records that multiple requests per instance are not yet
// supported.
// TODO(rtenneti): Add support for multiple requests for one ProofVerifier.
class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier {
 public:
  // |cert_verifier| is kept as a raw pointer in |cert_verifier_|.
  // NOTE(review): presumably not owned, so it would have to outlive this
  // object -- confirm against the .cc file and the callers.
  ProofVerifierChromium(CertVerifier* cert_verifier,
                        const BoundNetLog& net_log);
  virtual ~ProofVerifierChromium();

  // ProofVerifier interface.
  //
  // The authoritative contract is on ProofVerifier::VerifyProof in
  // net/quic/crypto/proof_verifier.h. From the signature alone:
  //   |hostname|, |server_config|, |certs|, |signature| are inputs;
  //   |error_details| and |details| are out-parameters;
  //   |callback| is passed as a raw pointer.
  // NOTE(review): |callback_| below is a scoped_ptr, so this class presumably
  // takes ownership of |callback| when the request completes asynchronously
  // -- confirm in the .cc file.
  // NOTE(review): callers should accept the proof only on the explicit
  // success Status and should not read |details| as evidence of a valid
  // chain otherwise -- confirm which outputs are populated on each Status.
  virtual Status VerifyProof(const std::string& hostname,
                             const std::string& server_config,
                             const std::vector<std::string>& certs,
                             const std::string& signature,
                             std::string* error_details,
                             scoped_ptr<ProofVerifyDetails>* details,
                             ProofVerifierCallback* callback) OVERRIDE;

 private:
  // Steps of the verification state machine; the current step is stored in
  // |next_state_|.
  enum State {
    STATE_NONE,
    STATE_VERIFY_CERT,
    STATE_VERIFY_CERT_COMPLETE,
  };

  // State-machine helpers. The int arguments and return values are result
  // codes whose meaning is defined where these are implemented.
  // NOTE(review): presumably DoLoop() dispatches on |next_state_| and
  // OnIOComplete() resumes it after asynchronous certificate verification --
  // confirm in the .cc file.
  int DoLoop(int last_io_result);
  void OnIOComplete(int result);
  int DoVerifyCert(int result);
  int DoVerifyCertComplete(int result);

  // Checks |signature| over |signed_data| using |cert|, all passed as byte
  // strings.
  // NOTE(review): presumably returns true only for a valid signature and
  // |cert| is a DER-encoded certificate -- confirm in the .cc file. A false
  // return has to fail the whole proof regardless of the certificate-chain
  // result.
  bool VerifySignature(const std::string& signed_data,
                       const std::string& signature,
                       const std::string& cert);

  // |cert_verifier_| and |verifier_| are used for verifying certificates.
  // |cert_verifier_| is a const raw pointer set at construction; |verifier_|
  // is owned by this object.
  CertVerifier* const cert_verifier_;
  scoped_ptr<SingleRequestCertVerifier> verifier_;

  // |hostname_| specifies the hostname for which the |certs| chain given to
  // VerifyProof() must be a valid chain.
  std::string hostname_;

  // State of the request in progress: the completion callback, the details
  // object and the error string.
  // NOTE(review): presumably these are handed back to the caller through
  // |callback_| on asynchronous completion -- confirm in the .cc file.
  scoped_ptr<ProofVerifierCallback> callback_;
  scoped_ptr<ProofVerifyDetailsChromium> verify_details_;
  std::string error_details_;

  // X509Certificate from a chain of DER encoded certificates.
  scoped_refptr<X509Certificate> cert_;

  // Next step of the state machine declared in State.
  State next_state_;

  BoundNetLog net_log_;

  // Instances are neither copyable nor assignable.
  DISALLOW_COPY_AND_ASSIGN(ProofVerifierChromium);
};
86 
87 }  // namespace net
88 
89 #endif  // NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_
90