      1 // Copyright 2013 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_
      6 #define NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_
      7 
      8 #include <string>
      9 #include <vector>
     10 
     11 #include "base/basictypes.h"
     12 #include "base/compiler_specific.h"
     13 #include "base/memory/scoped_ptr.h"
     14 #include "net/base/completion_callback.h"
     15 #include "net/base/net_export.h"
     16 #include "net/base/net_log.h"
     17 #include "net/cert/cert_verify_result.h"
     18 #include "net/cert/x509_certificate.h"
     19 #include "net/quic/crypto/proof_verifier.h"
     20 
     21 namespace net {
     22 
     23 class CertVerifier;
     24 class SingleRequestCertVerifier;
     25 
     26 // ProofVerifyDetailsChromium is the implementation-specific information that a
     27 // ProofVerifierChromium returns about a certificate verification.
        // NOTE(review): presumably handed back through the |details| out-parameter
        // of ProofVerifierChromium::VerifyProof() - confirm in the .cc file.
     28 struct ProofVerifyDetailsChromium : public ProofVerifyDetails {
     29  public:
          // Result of the certificate verification.
          // NOTE(review): this header does not show when the field is filled in or
          // whether it is meaningful after a failed verification - confirm before
          // basing a trust decision on it.
     30   CertVerifyResult cert_verify_result;
     31 };
     32 
     33 // ProofVerifierChromium implements the QUIC ProofVerifier interface.
        // The declarations below show a certificate-verification step driven by a
        // small state machine (State, DoLoop) and a separate signature check
        // (VerifySignature). An instance carries the state of one verification
        // (hostname_, callback_, verify_details_, cert_, next_state_).
        // NOTE(review): starting a second VerifyProof() while one is still pending
        // is presumably unsupported (see the TODO) - confirm callers never do it.
     34 // TODO(rtenneti): Add support for multiple requests for one ProofVerifier.
     35 class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier {
     36  public:
          // |cert_verifier| is kept as a raw pointer in cert_verifier_.
          // NOTE(review): presumably not owned, so it has to outlive this object -
          // confirm at the construction site.
          // |net_log| is copied into net_log_.
     37   ProofVerifierChromium(CertVerifier* cert_verifier,
     38                         const BoundNetLog& net_log);
     39   virtual ~ProofVerifierChromium();
     40 
     41   // ProofVerifier interface
          // Verifies the server's proof for |hostname|: |certs| is the certificate
          // chain (DER encoded, per the comment on cert_) and |signature| is checked
          // by VerifySignature() - presumably over data derived from
          // |server_config|; confirm in the .cc file.
          // |error_details| and |details| are out-parameters. The meaning of the
          // returned Status and the synchronous/asynchronous contract are defined by
          // ProofVerifier (net/quic/crypto/proof_verifier.h), which is not visible
          // here.
          // NOTE(review): |callback| is presumably stored in callback_ (a
          // scoped_ptr), i.e. ownership passes to this object - confirm.
          // NOTE(review): confirm that success is reported only when both the chain
          // verification for |hostname| and the signature check succeed.
     42   virtual Status VerifyProof(const std::string& hostname,
     43                              const std::string& server_config,
     44                              const std::vector<std::string>& certs,
     45                              const std::string& signature,
     46                              std::string* error_details,
     47                              scoped_ptr<ProofVerifyDetails>* details,
     48                              ProofVerifierCallback* callback) OVERRIDE;
     49 
     50  private:
          // Steps of the verification state machine; next_state_ holds the step
          // that is due next. NOTE(review): STATE_NONE presumably means that no
          // step is pending - confirm in DoLoop().
     51   enum State {
     52     STATE_NONE,
     53     STATE_VERIFY_CERT,
     54     STATE_VERIFY_CERT_COMPLETE,
     55   };
     56 
          // State-machine helpers. The int arguments and return values are result
          // codes (presumably net error codes - confirm in the .cc file).
          // NOTE(review): OnIOComplete() is presumably the completion callback of
          // the asynchronous certificate verification.
     57   int DoLoop(int last_io_result);
     58   void OnIOComplete(int result);
     59   int DoVerifyCert(int result);
     60   int DoVerifyCertComplete(int result);
     61 
          // Checks |signature| over |signed_data| against |cert|.
          // NOTE(review): presumably returns true when the signature verifies under
          // the public key of |cert| - confirm in the .cc file. A valid signature
          // does not authenticate the server unless the chain is verified too.
     62   bool VerifySignature(const std::string& signed_data,
     63                        const std::string& signature,
     64                        const std::string& cert);
     65 
     66   // |cert_verifier_| and |verifier_| are used for verifying certificates.
          // |cert_verifier_| is a raw pointer whose target cannot be reseated;
          // |verifier_| is owned by this object.
     67   CertVerifier* const cert_verifier_;
     68   scoped_ptr<SingleRequestCertVerifier> verifier_;
     69 
     70   // |hostname_| is the hostname that the certificate chain is verified for.
     71   std::string hostname_;
     72 
          // Per-request state: the completion callback, the details object and the
          // error text. NOTE(review): presumably these back the |callback|,
          // |details| and |error_details| arguments of VerifyProof() - confirm.
     73   scoped_ptr<ProofVerifierCallback> callback_;
     74   scoped_ptr<ProofVerifyDetailsChromium> verify_details_;
     75   std::string error_details_;
     76 
     77   // X509Certificate from a chain of DER encoded certificates.
     78   scoped_refptr<X509Certificate> cert_;
     79 
          // Next step that the state machine will run.
     80   State next_state_;
     81 
     82   BoundNetLog net_log_;
     83 
          // Instances are neither copyable nor assignable.
     84   DISALLOW_COPY_AND_ASSIGN(ProofVerifierChromium);
     85 };
     86 
     87 }  // namespace net
     88 
     89 #endif  // NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_
     90