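// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_
#define NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_

#include <string>
#include <vector>

#include "base/basictypes.h"
#include "base/compiler_specific.h"
#include "base/memory/scoped_ptr.h"
#include "net/base/completion_callback.h"
#include "net/base/net_export.h"
#include "net/base/net_log.h"
#include "net/cert/cert_verify_result.h"
#include "net/cert/x509_certificate.h"
#include "net/quic/crypto/proof_verifier.h"

namespace net {

class CertVerifier;
class SingleRequestCertVerifier;

// ProofVerifyDetailsChromium is the implementation-specific information that a
// ProofVerifierChromium returns about a certificate verification.
//
// VerifyProof() exposes its details as a scoped_ptr<ProofVerifyDetails>, so a
// consumer has to know it is dealing with this concrete type before it can
// read |cert_verify_result|.
// NOTE(review): this header does not say whether the details are also filled
// in when verification fails. Trust decisions should be keyed off the Status
// returned by VerifyProof(), not off the presence of this struct -- confirm
// against the implementation.
struct ProofVerifyDetailsChromium : public ProofVerifyDetails {
 public:
  // Outcome of the certificate verification performed for the server's chain.
  CertVerifyResult cert_verify_result;
};

// ProofVerifierChromium implements the QUIC ProofVerifier interface.
// TODO(rtenneti): Add support for multiple requests for one ProofVerifier.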
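class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier {
 public:
  // |cert_verifier| is kept as a raw pointer (see |cert_verifier_|) and is not
  // owned by this object.
  // NOTE(review): presumably it must outlive the ProofVerifierChromium --
  // confirm at the call sites.
  ProofVerifierChromium(CertVerifier* cert_verifier,
                        const BoundNetLog& net_log);
  virtual ~ProofVerifierChromium();

  // ProofVerifier interface
  //
  // Verifies the proof a server presented for |hostname|. |certs| is the
  // server's certificate chain (DER encoded, see |cert_|) and |signature| is
  // presumably the signature over |server_config| made with the leaf
  // certificate's key (see VerifySignature()).
  //
  // The meaning of the returned Status, and of |error_details|, |details| and
  // |callback| on each outcome, is defined by the ProofVerifier interface in
  // net/quic/crypto/proof_verifier.h. Callers should treat anything other than
  // a successful Status as an unauthenticated server.
  //
  // NOTE(review): |callback| appears to be adopted into |callback_| (a
  // scoped_ptr), so the caller should not delete it -- confirm.
  // NOTE(review): all per-request state lives in single members below, so
  // overlapping VerifyProof() calls on one instance would overwrite each
  // other's state -- confirm that callers serialise requests.
  virtual Status VerifyProof(const std::string& hostname,
                             const std::string& server_config,
                             const std::vector<std::string>& certs,
                             const std::string& signature,
                             std::string* error_details,
                             scoped_ptr<ProofVerifyDetails>* details,
                             ProofVerifierCallback* callback) OVERRIDE;

 private:
  // Steps of the verification state machine; |next_state_| holds the step
  // that is due to run next.
  enum State {
    STATE_NONE,
    STATE_VERIFY_CERT,
    STATE_VERIFY_CERT_COMPLETE,
  };

  // State machine helpers. The int arguments and return values are presumably
  // net error codes passed from one step to the next -- confirm in the .cc.
  int DoLoop(int last_io_result);
  void OnIOComplete(int result);
  int DoVerifyCert(int result);
  int DoVerifyCertComplete(int result);

  // Checks |signature| over |signed_data| against the key in |cert|.
  // NOTE(review): presumably returns true only for a valid signature --
  // confirm. The result decides whether the server is authenticated, so it is
  // marked WARN_UNUSED_RESULT to stop a call site from silently dropping it.
  bool VerifySignature(const std::string& signed_data,
                       const std::string& signature,
                       const std::string& cert) WARN_UNUSED_RESULT;

  // |cert_verifier_| and |verifier_| are used for verifying certificates.
  // |cert_verifier_| is a non-owning raw pointer; |verifier_| is owned here.
  CertVerifier* const cert_verifier_;
  scoped_ptr<SingleRequestCertVerifier> verifier_;

  // |hostname_| specifies the hostname for which |certs| is a valid chain.
  std::string hostname_;

  // Per-request state: the completion callback, the details object that
  // carries the CertVerifyResult, and the human-readable failure description.
  scoped_ptr<ProofVerifierCallback> callback_;
  scoped_ptr<ProofVerifyDetailsChromium> verify_details_;
  std::string error_details_;

  // X509Certificate from a chain of DER encoded certificates.
  scoped_refptr<X509Certificate> cert_;

  // Next step for DoLoop() to run.
  State next_state_;

  BoundNetLog net_log_;

  DISALLOW_COPY_AND_ASSIGN(ProofVerifierChromium);
};

}  // namespace net

#endif  // NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_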