// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_
#define NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_

#include <string>
#include <vector>

#include "base/basictypes.h"
#include "base/compiler_specific.h"
#include "base/memory/scoped_ptr.h"
#include "net/base/completion_callback.h"
#include "net/base/net_export.h"
#include "net/base/net_log.h"
#include "net/cert/cert_verify_result.h"
#include "net/cert/x509_certificate.h"
#include "net/quic/crypto/proof_verifier.h"

namespace net {

// Forward declarations: this header only holds pointers to these types.
class CertVerifier;
class SingleRequestCertVerifier;

// ProofVerifyDetailsChromium is the implementation-specific information that a
// ProofVerifierChromium returns about a certificate verification.
struct ProofVerifyDetailsChromium : public ProofVerifyDetails {
 public:
  // Outcome of the certificate verification.
  // NOTE(review): this header does not say whether the field is filled in when
  // verification fails; check the implementation before reading it on error
  // paths.
  CertVerifyResult cert_verify_result;
};

// ProofVerifierChromium implements the QUIC ProofVerifier interface.
// TODO(rtenneti): Add support for multiple requests for one ProofVerifier.
// NOTE(review): the class keeps a single hostname, callback and state value
// per instance, so it looks as if only one VerifyProof() request can be in
// flight at a time. Confirm how a second call made while one is pending is
// handled.
class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier {
 public:
  // |cert_verifier| is stored as a raw pointer (see |cert_verifier_|);
  // |net_log| is copied into |net_log_|.
  ProofVerifierChromium(CertVerifier* cert_verifier,
                        const BoundNetLog& net_log);
  virtual ~ProofVerifierChromium();

  // ProofVerifier interface
  //
  // Verifies the proof a server presents for |hostname|. |certs| is the
  // certificate chain; |signature| presumably covers |server_config| and is
  // checked against a certificate from |certs| (see VerifySignature) --
  // confirm in the implementation.
  // |error_details| and |details| are out-parameters. |callback| presumably
  // reports the result when verification completes asynchronously; it is held
  // in a scoped_ptr member, which suggests this object takes ownership --
  // TODO confirm against the ProofVerifier interface contract.
  // NOTE(review): a proof should be accepted only if both the certificate
  // chain check and the signature check succeed; verify that the .cc fails
  // the request when either one fails.
  virtual Status VerifyProof(QuicVersion version,
                             const std::string& hostname,
                             const std::string& server_config,
                             const std::vector<std::string>& certs,
                             const std::string& signature,
                             std::string* error_details,
                             scoped_ptr<ProofVerifyDetails>* details,
                             ProofVerifierCallback* callback) OVERRIDE;

 private:
  // States of the verification state machine; the current one is kept in
  // |next_state_|.
  enum State {
    STATE_NONE,
    STATE_VERIFY_CERT,
    STATE_VERIFY_CERT_COMPLETE,
  };

  // State machine handlers. The definitions are not in this header.
  // NOTE(review): the names suggest that DoLoop dispatches on |next_state_|
  // and that OnIOComplete resumes it after asynchronous certificate
  // verification -- confirm in the .cc.
  int DoLoop(int last_io_result);
  void OnIOComplete(int result);
  int DoVerifyCert(int result);
  int DoVerifyCertComplete(int result);

  // Returns a bool for the signature check. Presumably true only when
  // |signature| is a valid signature over |signed_data| under the public key
  // of |cert| -- confirm in the implementation, including how |version|
  // affects the check.
  bool VerifySignature(QuicVersion version,
                       const std::string& signed_data,
                       const std::string& signature,
                       const std::string& cert);

  // |cert_verifier_| and |verifier_| are used for verifying certificates.
  // |cert_verifier_| is a const raw pointer, so it cannot be reseated after
  // construction. Presumably it is not owned, which means the CertVerifier
  // must outlive this object -- confirm with callers.
  CertVerifier* const cert_verifier_;
  scoped_ptr<SingleRequestCertVerifier> verifier_;

  // |hostname_| specifies the hostname for which |certs| is a valid chain.
  std::string hostname_;

  // Per-request state held across the asynchronous verification.
  scoped_ptr<ProofVerifierCallback> callback_;
  scoped_ptr<ProofVerifyDetailsChromium> verify_details_;
  std::string error_details_;

  // X509Certificate from a chain of DER encoded certificates.
  scoped_refptr<X509Certificate> cert_;

  // Next state for the verification state machine (see State).
  State next_state_;

  BoundNetLog net_log_;

  DISALLOW_COPY_AND_ASSIGN(ProofVerifierChromium);
};

}  // namespace net

#endif  // NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_