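// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_
#define NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_

#include <set>
#include <string>
#include <vector>

#include "base/basictypes.h"
#include "base/compiler_specific.h"
#include "base/memory/scoped_ptr.h"
#include "net/base/net_export.h"
#include "net/base/net_log.h"
#include "net/cert/cert_verify_result.h"
#include "net/cert/x509_certificate.h"
#include "net/quic/crypto/proof_verifier.h"

namespace net {

class CertVerifier;
class SingleRequestCertVerifier;
class TransportSecurityState;

// ProofVerifyDetailsChromium is the implementation-specific information that a
// ProofVerifierChromium returns about a certificate verification.
struct ProofVerifyDetailsChromium : public ProofVerifyDetails {
 public:
  // cert_verify_result holds the CertVerifyResult reported for the
  // certificate verification.
  // NOTE(review): this header does not show when the field is populated
  // (e.g. whether it is meaningful after a failed verification) -- confirm in
  // the implementation before relying on it.
  CertVerifyResult cert_verify_result;

  // pinning_failure_log contains a message produced by
  // TransportSecurityState::DomainState::CheckPublicKeyPins in the event of a
  // pinning failure. It is a (somewhat) human-readable string.
  //
  // The text is diagnostic only: it has no fixed format, so it should be
  // logged or shown, not parsed or used as the signal for a trust decision.
  std::string pinning_failure_log;
};

// ProofVerifyContextChromium is the implementation-specific information that a
// ProofVerifierChromium needs in order to log correctly.
struct ProofVerifyContextChromium : public ProofVerifyContext {
 public:
  // Stores a copy of |net_log|. The constructor is explicit so that a
  // BoundNetLog is never silently converted into a verification context.
  explicit ProofVerifyContextChromium(const BoundNetLog& net_log)
      : net_log(net_log) {}

  // Log that verification events for this request are attributed to.
  BoundNetLog net_log;
};

// ProofVerifierChromium implements the QUIC ProofVerifier interface. It is
// capable of handling multiple simultaneous requests.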
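// NOTE(review): the constructor takes raw pointers and the class keeps them
// as raw members, so nothing in this header establishes ownership. Presumably
// both objects are owned elsewhere and must outlive this verifier and every
// job it has started -- confirm against the .cc file and the callers.
class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier {
 public:
  // |cert_verifier| is the verifier used for the certificate chain;
  // |transport_security_state| is kept in |transport_security_state_|.
  // NOTE(review): whether either pointer may be NULL is not visible here.
  ProofVerifierChromium(CertVerifier* cert_verifier,
                        TransportSecurityState* transport_security_state);
  virtual ~ProofVerifierChromium();

  // ProofVerifier interface
  //
  // The contract (return values, when |callback| runs, who owns |callback|)
  // is defined by ProofVerifier::VerifyProof in
  // net/quic/crypto/proof_verifier.h.
  //
  //   hostname        - name the server is being verified for.
  //   server_config   - server config covered by |signature|.
  //   certs           - certificate chain presented by the server.
  //   signature       - signature to check.
  //   verify_context  - implementation-specific context.
  //                     NOTE(review): presumably expected to be a
  //                     ProofVerifyContextChromium; if the implementation
  //                     downcasts it, callers must never pass another
  //                     ProofVerifyContext subtype -- confirm.
  //   error_details   - out-parameter for a failure description.
  //   verify_details  - out-parameter for the verification details
  //                     (see ProofVerifyDetailsChromium).
  //   callback        - used by the asynchronous path.
  //
  // All inputs other than |verify_context| originate from the peer and are
  // untrusted until this call reports success; callers should treat every
  // other status as "not verified" rather than inspecting the details to
  // decide.
  virtual QuicAsyncStatus VerifyProof(
      const std::string& hostname,
      const std::string& server_config,
      const std::vector<std::string>& certs,
      const std::string& signature,
      const ProofVerifyContext* verify_context,
      std::string* error_details,
      scoped_ptr<ProofVerifyDetails>* verify_details,
      ProofVerifierCallback* callback) OVERRIDE;

 private:
  class Job;

  // Called for |job| when it has finished.
  // NOTE(review): since |active_jobs_| owns its elements, this is presumably
  // where a finished job is removed from the set and deleted -- confirm.
  void OnJobComplete(Job* job);

  // Set of owning pointers to active jobs.
  // std::set<Job*> does not free its elements, so every job left in the set
  // has to be deleted explicitly (on completion and on destruction);
  // otherwise in-flight jobs leak, or outlive the verifier they point back to.
  typedef std::set<Job*> JobSet;
  JobSet active_jobs_;

  // Underlying verifier used to verify certificates.
  CertVerifier* const cert_verifier_;

  // Value of the constructor's |transport_security_state| argument.
  // NOTE(review): presumably the source of the public key pinning check whose
  // failure text ends up in ProofVerifyDetailsChromium::pinning_failure_log.
  // Unlike |cert_verifier_| this pointer is not declared const; if it is never
  // reseated, declaring it `TransportSecurityState* const` would keep the two
  // members consistent.
  TransportSecurityState* transport_security_state_;

  DISALLOW_COPY_AND_ASSIGN(ProofVerifierChromium);
};

}  // namespace net

#endif  // NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_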