      1 // Copyright 2014 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef EXTENSIONS_BROWSER_API_CAST_CHANNEL_CAST_AUTH_UTIL_H_
      6 #define EXTENSIONS_BROWSER_API_CAST_CHANNEL_CAST_AUTH_UTIL_H_
      7 
      8 #include <string>
      9 
     10 namespace extensions {
     11 namespace core_api {
     12 namespace cast_channel {
     13 
     14 class CastMessage;
     15 
     16 struct AuthResult {
        // Outcome of an authentication attempt: an error category, a message and an
        // NSS error code. All three data members are public and mutable.
     17  public:
          // Failure categories. ERROR_NONE is the only value that success() treats
          // as success. The ERROR_NSS_* values are presumably reported by the
          // NSS-backed certificate and signature checks -- TODO confirm in the
          // implementation.
     18   enum ErrorType {
     19     ERROR_NONE,
     20     ERROR_PEER_CERT_EMPTY,
     21     ERROR_WRONG_PAYLOAD_TYPE,
     22     ERROR_NO_PAYLOAD,
     23     ERROR_PAYLOAD_PARSING_FAILED,
     24     ERROR_MESSAGE_ERROR,
     25     ERROR_NO_RESPONSE,
     26     ERROR_FINGERPRINT_NOT_FOUND,
     27     ERROR_NSS_CERT_PARSING_FAILED,
     28     ERROR_NSS_CERT_NOT_SIGNED_BY_TRUSTED_CA,
     29     ERROR_NSS_CANNOT_EXTRACT_PUBLIC_KEY,
     30     ERROR_NSS_SIGNED_BLOBS_MISMATCH
     31   };
     32 
     33   // Constructs an AuthResult that corresponds to success.
     34   AuthResult();
     35   ~AuthResult();
     36 
          // Factory functions that build a result from a message and an error type
          // (plus an NSS error code for the second form).
          // NOTE(review): the signatures accept any ErrorType, including ERROR_NONE,
          // which success() reports as success; whether the implementation rejects
          // that is not visible here -- callers should pass only failure values.
     37   static AuthResult Create(const std::string& error_message,
     38                            ErrorType error_type);
     39   static AuthResult CreateWithNSSError(const std::string& error_message,
     40                                        ErrorType error_type,
     41                                        int nss_error_code);
     42 
          // True only when error_type is ERROR_NONE. This is the value to gate trust
          // decisions on; error_message is not consulted.
     43   bool success() const { return error_type == ERROR_NONE; }
     44 
          // Message describing the failure; not used by success().
     45   std::string error_message;
          // Category of the result; ERROR_NONE means success.
     46   ErrorType error_type;
          // presumably the NSS error code supplied through CreateWithNSSError; its
          // value for other results is set by the implementation -- TODO confirm.
     47   int nss_error_code;
     48 
     49  private:
          // Takes all three fields; presumably the constructor the factory functions
          // use -- TODO confirm in the implementation.
     50   AuthResult(const std::string& error_message,
     51              ErrorType error_type,
     52              int nss_error_code);
     53 };
     54 
     55 // Authenticates the given |challenge_reply|:
     56 // 1. Signature contained in the reply is valid.
     57 // 2. Certificate used to sign is rooted to a trusted CA.
        //
        // Returns an AuthResult. The peer must be treated as unauthenticated unless
        // success() is true, i.e. error_type == ERROR_NONE.
        // presumably an empty |peer_cert| is rejected with ERROR_PEER_CERT_EMPTY --
        // TODO confirm in the implementation.
        // NOTE(review): this header does not state which data the signature covers
        // or how |peer_cert| is bound to it -- confirm in the implementation.
        // NOTE(review): certificate expiry and revocation checks are not mentioned
        // here; do not assume either without checking the implementation.
     58 AuthResult AuthenticateChallengeReply(const CastMessage& challenge_reply,
     59                                       const std::string& peer_cert);
     60 
     61 }  // namespace cast_channel
     62 }  // namespace core_api
     63 }  // namespace extensions
     64 
     65 #endif  // EXTENSIONS_BROWSER_API_CAST_CHANNEL_CAST_AUTH_UTIL_H_
     66